Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
fix: [security] Fixed an RCE vulnerability with user controled entrie…
…s being fed to file_exists - phar protocol paths for php file instructions can lead to RCE via meta-data deserialization - mitigated by the functionalities enabling this being only accessible to site admins - Reported by Dawid Czarnecki
- Loading branch information