Craft CMS: Low-privilege users could read private asset contents when editing an asset (IDOR)

Moderate severity GitHub Reviewed Published Mar 24, 2026 in craftcms/cms • Updated Mar 25, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts