diff options
Diffstat (limited to 'changelog.d/check-attachment-attribution.security')
| -rw-r--r-- | changelog.d/check-attachment-attribution.security | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/check-attachment-attribution.security b/changelog.d/check-attachment-attribution.security new file mode 100644 index 000000000..e0e46525b --- /dev/null +++ b/changelog.d/check-attachment-attribution.security @@ -0,0 +1 @@ +CommonAPI: Prevent users from accessing media of other users by creating a status with reused attachment ID |