Question/Security - Execution of upload files. #1098
I have a question about the management of uploaded files in your application.
Is it intended behavior that uploaded files are executable?
I checked that Codiad does not have mitigations for the execution of uploaded files.
Even though the upload feature needs administrator credentials, execution of uploaded files is still dangerous.
I think it needs mitigations like compressing/encoding uploaded files or hiding the upload path.
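
The two mitigations suggested in the post above (encoding the uploaded file and hiding the upload path), sketched as an added example that is not Codiad's code and not part of the original issue. The function names, the `.blob` suffix and the JSON record layout are assumptions, and the store directory is assumed to lie outside the web root.

```python
import base64
import json
import os
import re
import secrets
import tempfile
from pathlib import Path

ID_RE = re.compile(r"^[0-9a-f]{32}$")  # opaque id format; also blocks path traversal


def store_upload(data, original_name, store_dir):
    """Store an upload base64-encoded under a random name; return its opaque id."""
    store_dir.mkdir(parents=True, exist_ok=True)
    file_id = secrets.token_hex(16)  # unguessable, unrelated to the client's file name
    # The client-supplied name is kept as sanitized metadata only, never used as a path.
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", os.path.basename(original_name.replace("\\", "/")))
    record = {"name": safe_name, "data": base64.b64encode(data).decode("ascii")}
    # O_EXCL refuses to overwrite an existing file; mode 0o600 sets no execute bit.
    fd = os.open(store_dir / f"{file_id}.blob", os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", encoding="ascii") as fh:
        json.dump(record, fh)
    return file_id


def load_upload(file_id, store_dir):
    """Return (original name, original bytes) for a stored upload."""
    if not ID_RE.fullmatch(file_id):
        raise ValueError("invalid upload id")
    with open(store_dir / f"{file_id}.blob", encoding="ascii") as fh:
        record = json.load(fh)
    return record["name"], base64.b64decode(record["data"])


def demo():
    """Round-trip a constructed script-like upload and report what is on disk."""
    payload = b"#!/bin/sh\necho constructed sample\n"  # constructed sample input
    with tempfile.TemporaryDirectory() as tmp:
        store = Path(tmp) / "uploads"
        file_id = store_upload(payload, "../../run.sh", store)
        on_disk = (store / f"{file_id}.blob").read_bytes()
        name, data = load_upload(file_id, store)
        return {"id": file_id, "names": os.listdir(store), "name": name,
                "shebang_on_disk": on_disk.startswith(b"#!"), "roundtrip": data == payload}
```

Downloads are then served by a handler that calls `load_upload` with the opaque id, so neither the storage path nor an executable file name is exposed in a URL.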