eZ Community » Security Advisories » EZSA-2016-003: Invalid view...

EZSA-2016-003: Invalid view parameters generate undesired cache

Publication date : 13/09/2016
Severity : Medium
Affected versions : 5.3-5.4, all community versions at time of writing (LegacyBundle/LegacyBridge)
Resolving versions : 5.4.7

Wrongly placed (and not actually handled) view parameters may result in disk space exhaustion since cache is stored for the generated content. We strongly recommend that you install this Security Update as soon as possible.

Patch for eZ Platform (LegacyBridge): https://github.com/ezsystems/LegacyBridge/commit/afd59b7740653a60eacd52acf20cd584c8d5154c

36 542 Users on board!

Community Project menu

Proudly Developed with from