El 11.01.22 a las 22:21, Mike Jumper escribió: > Severity: moderate > > Description: > > Apache Guacamole 1.3.0 and older may incorrectly include a private > tunnel identifier in the non-private details of some REST responses. > This may allow an authenticated user who already has permission to > access a particular connection to read from or interact with another > user's active use of that same connection. > > Credit: > > We would like to thank Damian Velardo (Australia and New Zealand > Banking Group) for reporting this issue. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > Hello,
which component is affected here, backend (guacd) or frontend (.war) or both? -- Thanks Jürgen --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org