You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In version 1.2.1, we have fixed a security issue that allowed a correctly crafted
HTTP request to delete arbitrary files and folders, subject to the permissions with which the Node.js process was run. No user account was required to exploit this issue.
All users of this module should immediately run npm update @apostrophecms/import-export and deploy the latest version of this module. The module has been carefully audited for similar issues and best practices have been put in place to prevent any similar issue in future.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
In version 1.2.1, we have fixed a security issue that allowed a correctly crafted
HTTP request to delete arbitrary files and folders, subject to the permissions with which the Node.js process was run. No user account was required to exploit this issue.
All users of this module should immediately run
npm update @apostrophecms/import-export
and deploy the latest version of this module. The module has been carefully audited for similar issues and best practices have been put in place to prevent any similar issue in future.Beta Was this translation helpful? Give feedback.
All reactions