A customer recently reported two security-related issues affecting access controls and administrative permissions. Upon receiving the report, our team immediately investigated, validated the findings, and deployed fixes for both items. While there is no evidence of misuse, we have taken additional steps to strengthen our security posture, including initiating a new, independent penetration test to ensure comprehensive coverage.
Details of Resolved Issues
1. Access control for storage links
Certain file links were accessible without the expected security measures. This has now been addressed at the resource level, and an update is being deployed to ensure proper access requirements are enforced.
2. Permissions on admin functionality
There was a scenario where users could elevate their permissions if they navigated to a specific page. This has been corrected to prevent unauthorised changes.
If you have further questions or would like more details about the issue, please contact Zensai Support Team.