You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, i played a bit with the project and noticed one potential issue. In this function, the mime type could be manipulated by remote user, hence he could upload any file with a manipulated MIME header. The description of such potential vulnerability is here. One could use magic code to check the uploaded file type rather than rely on the MIME or extension
The text was updated successfully, but these errors were encountered:
Hi, i played a bit with the project and noticed one potential issue. In this function, the mime type could be manipulated by remote user, hence he could upload any file with a manipulated MIME header. The description of such potential vulnerability is here. One could use magic code to check the uploaded file type rather than rely on the MIME or extension
The text was updated successfully, but these errors were encountered: