Désactive TUI Image éditeur

2023-05-09 09:13:00 +02:00 · 2023-05-09 09:13:00 +02:00 · 02fb491f9b
commit 02fb491f9b
parent 9baf47f86c
3 changed files with 3 additions and 1 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -3,6 +3,7 @@
 ## Version 12.3.10
 - Edition d'un utilisateur, sélection de la langue de sont interface.
 - Mise à jour du fichier dialog.php de Responsive File Manager
+- Vulnérabilité dans ajax_call.php CVE-2020-10567, désactivation de TUI Editor et de la fonction save_image.

 ## Version 12.3.09
 ### Corrections
--- a/core/vendor/filemanager/ajax_calls.php
+++ b/core/vendor/filemanager/ajax_calls.php
@ -79,6 +79,7 @@ if (isset($_GET['action'])) {
 			}
 			break;
 		case 'save_img':
+            break;
 			$info = pathinfo($_POST['name']);
            $image_data = $_POST['url'];

--- a/core/vendor/filemanager/config/config.php
+++ b/core/vendor/filemanager/config/config.php
@ -487,7 +487,7 @@ $config = array(
    * TUI Image Editor config
    *******************/
    // Add or modify the options below as needed - they will be json encoded when added to the configuration so arrays can be utilized as needed
-    'tui_active'                           => true,
+    'tui_active'                           => false,
    'tui_position'                         => 'bottom',
    // 'common.bi.image'                      => "../assets/images/logo.png",
    // 'common.bisize.width'                  => '70px',