[ https://issues.apache.org/jira/browse/JSPWIKI-1039?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Harvey Echain updated JSPWIKI-1039: ----------------------------------- Security: (was: Security Vulnerability Disclosure) > ACLs are not taken into account when cache is disabled > ------------------------------------------------------ > > Key: JSPWIKI-1039 > URL: https://issues.apache.org/jira/browse/JSPWIKI-1039 > Project: JSPWiki > Issue Type: Bug > Components: Authentication & Authorization > Affects Versions: 2.10.2, 2.10.3 > Reporter: Harvey Echain > Priority: Critical > > Just set jspwiki.usePageCache to false, and find out (by accident) that ACLs > are not taken into account anymore, leading to a major leak of information > from pages that were not supposed to be viewable. -- This message was sent by Atlassian JIRA (v7.6.3#76005)