[BUG] Unauthorized user can access /conf.yml #1586
Labels
🐛 Bug
[ISSUE] Ticket describing something that isn't working
🕸️ Duplicate
[ISSUE] This issue or pull request already exists
Environment
Self-Hosted (Docker)
System
Chrome 124.0.6367.201, Debian GNU/Linux 12 (bookworm), Docker 20.10.24+dfsg1 build 297e128
Version
3.1.0
Describe the problem
First of all, thanks for creating this product. It's a beautiful, easy to configure, easy to use dashboard that has made it a pleasure to organize my home network.
Now onto to the bug.
With the following settings:
an unauthorized user can access /conf.yml and view the entire config. This seems like a security flaw. Unauthorized users should be denied access to /conf.yml.
Additional info
No response
Please tick the boxes
The text was updated successfully, but these errors were encountered: