PKSA-pqnm-5q4k-cx7j Security Advisory
-
[MEDIUM] Craft CMS: Authenticated "assets/preview-thumb" discloses signed fallback transform preview link to CP users without asset-view permission
PKSA-pqnm-5q4k-cx7j GHSA-x76w-8c62-48mg
Affected package: craftcms/cms
Affected version: >=5.0.0-RC1,<=5.9.13|>=4.0.0-RC1,<=4.17.7
Reported by:
GitHub