diff --git a/CHANGES.md b/CHANGES.md
index d2a5d3eb..99911b53 100755
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -3,6 +3,7 @@
 ## Version 12.3.10
 - Edition d'un utilisateur, sélection de la langue de sont interface.
 - Mise à jour du fichier dialog.php de Responsive File Manager
+- Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image.
 ## Version 12.3.09
 ### Corrections
diff --git a/core/vendor/filemanager/ajax_calls.php b/core/vendor/filemanager/ajax_calls.php
index e514186d..4ab1b48d 100644
--- a/core/vendor/filemanager/ajax_calls.php
+++ b/core/vendor/filemanager/ajax_calls.php
@@ -79,6 +79,7 @@ if (isset($_GET['action'])) {
 }
 break;
 case 'save_img':
+ break;
 $info = pathinfo($_POST['name']);
 $image_data = $_POST['url'];
diff --git a/core/vendor/filemanager/config/config.php b/core/vendor/filemanager/config/config.php
index dea2c679..0bf80362 100644
--- a/core/vendor/filemanager/config/config.php
+++ b/core/vendor/filemanager/config/config.php
@@ -487,7 +487,7 @@ $config = array(
 * TUI Image Editor config
 *******************/
 // Add or modify the options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed
- 'tui_active' => true,
+ 'tui_active' => false,
 'tui_position' => 'bottom',
 // 'common.bi.image' => "../assets/images/logo.png",
 // 'common.bisize.width' => '70px',
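Review bot: In core/vendor/filemanager/ajax_calls.php the added `break;` at the top of `case 'save_img':` carries no comment, and the original handler body stays in the file as unreachable code that still reads `$_POST['name']` and `$_POST['url']`. Because this is a vendored file, a later refresh from upstream would presumably overwrite the one-line guard and silently bring the handler back. I would at least annotate it, e.g. `break; // save_img disabled (CVE-2020-10567); keep disabled when updating this vendored file`, and preferably delete the dead body so the action cannot be re-enabled by removing a single line. The enclosing switch starts and ends outside the hunk, so what the client receives for this action is not visible here.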
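Review bot: In core/vendor/filemanager/config/config.php the new `'tui_active' => false,` has no comment linking it to the disabled `save_img` action, so the two changes can drift apart. The flag appears only to control whether the editor is offered; the server-side protection is the `break;` in ajax_calls.php, and turning the flag back on would presumably give users an editor whose save does nothing. Suggest `'tui_active' => false, // keep false while save_img is disabled (CVE-2020-10567)`. The `$config` array starts and ends outside the hunk.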