Skip to content

Commit e43e7e1

Browse files
ildyriaCopilot
ildyria
and
Copilot
authored
Update docs/releases.md
Co-authored-by: Copilot <[email protected]>
1 parent d8dad06 commit e43e7e1

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

docs/releases.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ Or modify the value of `APP_KEY` in your `.env` file. This will also invalidate
5353
This vulnerability miss-uses the `$path` variable sent to the server, which is used to access the photos via the `SecurePathController`.
5454
We wrongly assumed that `Storage::disk(StorageDiskType::LOCAL->value)->path($path);` was protected against path traversal attacks which lead to this vulnerability.
5555

56-
When both the encrypted links and the temporary links are disabled, it is possible to call the endpoint with fictuous path values. Ironically, by enabling either of the functionality, the endpoint becomes secure again.
56+
When both the encrypted links and the temporary links are disabled, it is possible to call the endpoint with fictitious path values. Ironically, by enabling either of the functionality, the endpoint becomes secure again.
5757

5858
#### The fix
5959

0 commit comments

Comments
 (0)