Product and Feature Updates about Kinja

Added Permission Check When Opening Posts In Editor

We recently discovered a loophole which allowed a site member without appropriate permissions to open any post on their site in the editor, however a back end permission check would prevent changes from being saved.

This loophole has been patched; now the permission check is performed when the post is opened in addition to when it is saved.

Advertisement

Share This Story

About the author

Ernie @ Kinja

Helping build delightful tools for delightful people.