Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


The security issue involved users whose folder permissions in FileCloud denied them access to a folder's sub-folders, but whose share permissions allowed them access to the same folder's sub-folders. Since these users could see actions on the sub-folders in their activity streams, they were able to view the names (but not the content) of the sub-folders and the files and folders they contained.  If sub-folders or their files were named using confidential information, unauthorized users could see the confidential information, and in this way, it would be shared and possibly exploited.