Hello; I wasn't sure how to label this bug report, so apologies for setting it all to "other". To be brief, the url https://krita.org/wp-content/uploads/ can be accessed by anybody and contains uploads since 2009 which may or not be sensitive information. My main concern is that this url provides details that may be used by someone with malicious intent to gain further access to krita.org's backend. This may not be of concern to you guys at all, and if so I apologize for wasting your time here. As someone who is fairly conscious of my own security, this struck me as something of a concern. Also thank you for your great software which I use all the time! Sincerely, an anonymous user. (p.s. please do not attempt to reply as this e-mail will no longer be in service soon after this is sent. I have sent all the details I know of and have not dug any further)
also I wasn't sure how to report this privately since this is the only avenue given as a contact
(In reply to yhmkqq6tm from comment #1) > also I wasn't sure how to report this privately since this is the only > avenue given as a contact If you are reporting a security issue, please refer to: https://community.kde.org/Get_Involved/Issue_Reporting#Step_0:_Is_it_a_security_issue.3F https://kde.org/info/security/