[Vtigercrm-commits] [Vtiger development] #7903: SOAP AddEmailAttachment Arbitrary File Upload
Vtiger development
vtiger-tickets at trac.vtiger.com
Thu Jan 16 10:34:53 GMT 2014
#7903: SOAP AddEmailAttachment Arbitrary File Upload
-----------------------+-------------------------
Reporter: prasad | Owner: developer
Type: defect | Status: new
Priority: major | Milestone: Unassigned
Component: vtigercrm | Version: 5.4.0
Severity: Medium | Resolution:
Keywords: |
-----------------------+-------------------------
Comment (by prasad):
Fix: You can replace the vtigerolservice.php based on your version of
vtiger - which avoids upload of file with relative path names and ensure
sanitization of the extension as configured.
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/7903#comment:3>
Vtiger development <http://trac.vtiger.com/>
Vtiger CRM
More information about the vtigercrm-commits
mailing list