CVE-2025-65963
CVE-2025-65963 affects the Files module used to manage files inside spaces and user profiles. Prior to versions 0.16.11 and 0.17.2, insufficient authorization checks allow non-member users in public spaces to create folders and to upload or download files as a ZIP archive; private spaces are not ...