Bug 451813

Summary: Potential Website Security issue
Product: [Applications] krita Reporter: yhmkqq6tm
Component: * UnknownAssignee: Krita Bugs <krita-bugs-null>
Status: RESOLVED NOT A BUG    
Severity: normal CC: halla
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Other   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description yhmkqq6tm 2022-03-23 06:07:57 UTC 
Hello; I wasn't sure how to label this bug report, so apologies for setting it all to "other".
To be brief, the url https://krita.org/wp-content/uploads/ can be accessed by anybody and contains uploads since 2009 which may or not be sensitive information. My main concern is that this url provides details that may be used by someone with malicious intent to gain further access to krita.org's backend. 
This may not be of concern to you guys at all, and if so I apologize for wasting your time here. As someone who is fairly conscious of my own security, this struck me as something of a concern.
Also thank you for your great software which I use all the time!
Sincerely, an anonymous user.
(p.s. please do not attempt to reply as this e-mail will no longer be in service soon after this is sent. I have sent all the details I know of and have not dug any further)
Comment 1 yhmkqq6tm 2022-03-23 06:09:11 UTC 
also I wasn't sure how to report this privately since this is the only avenue given as a contact
Comment 2 2wxsy58236r3 2022-03-23 06:43:23 UTC 
(In reply to yhmkqq6tm from comment #1)
> also I wasn't sure how to report this privately since this is the only
> avenue given as a contact

If you are reporting a security issue, please refer to:
https://community.kde.org/Get_Involved/Issue_Reporting#Step_0:_Is_it_a_security_issue.3F
https://kde.org/info/security/