nuBuilder Forum


https://forums.nubuilder.cloud/

Upload without permission

https://forums.nubuilder.cloud/viewtopic.php?t=12219

Page 1 of 1

Upload without permission

Posted: Mon Mar 25, 2024 4:46 pm
by Jannie
We (my student and I) just updated our Nubuilder Forte to latest version on SourceForge (March) and there seems to be a security-issue.
We have a form with image-upload, but since latest update a user without permission to the uploadprocedure can upload a image.
Is this the intention?
Thank you in advance for your response

Re: Upload without permission

Posted: Wed Mar 27, 2024 6:26 pm
by kev1n
Thank you for pointing this out. The access management needs to be revised. At the moment, however, you can add a simple check in the UPLOAD function to see if the corresponding user has the permission.

Re: Upload without permission

Posted: Mon Apr 01, 2024 9:16 am
by Jannie
Thank you for reply! We'll add a check or hide the uploadfield for our users

Re: Upload without permission

Posted: Thu May 16, 2024 4:25 pm
by kev1n
This has been fixed in the latest release.
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited