The Sitecore/Developer role can read any text file on the file system

  • Description

    A user with the Sitecore/Developer role is able to read any text file on the file system through the Log Viewer application.

  • To resolve this issue, do not grant users the Sitecore/Developer role if you do not want them to view files on the file system.

Applies to:

CMS 6+

April 23, 2018
April 30, 2018

Reference number:

210020

Keywords: 

  • Security Vulnerabilities,
  • Security Vulnerabilities,
  • Security Vulnerabilities,
  • Security Vulnerabilities,
  • Security Vulnerabilities