Users can access /webtop/customadmin urls directly

Description

URLs like `/webtop/customadmin/utilities/email.cfm` can be accessed directly from the browser, bypassing FarCry's webtop security.

Environment

None

Activity

Show:
Blair McKenzie
February 17, 2020, 5:05 AM

This access is now blocked using an Application.cfc. Files under /webtop/customadmin/ can now not be accessed directly from the browser.

Assignee

Unassigned

Reporter

Blair McKenzie

Labels

None

Components

Fix versions

Priority

Major
Configure