gustafn
committed
on 14 Dec 15
- fix old security hole, that allowed to download arbitrary files given a known item_id