Hello Kentico community,I've identified a potential security vulnerability in Kentico 13, where end users can access BizForm data and associated file attachments through direct URLs, compromising the confidentiality of the data.Has anyone encountered a similar security concern regarding unrestricted access to BizForm data?
What are the recommended measures or best practices to secure BizForm data and prevent unauthorized access to file attachments via URLs?
To provide a clearer context, the vulnerability allows users to access data, including file attachments, through URLs like:
mydomainUrl/BizForm/guid?filename.jpg/pdf/formdataAny guidance or solutions on mitigating this security risk would be highly valuable.
↧