VWE-2017-3992 Viewing Source [template]Vulnerability | cve= | aka= | severity=Low | difficulty=Hard | description=Permissions escalation. If image support for a file-type is activated later, prior uploads of that type will be treated as images even if they now exceed the permitted width and height. | lite=no | discover-date=August 24, 2017 | patch-date=September 13, 2017 | patches=4.0.19 Patch Level 1 4.0.18 Patch Level 2 4.0.17 Patch Level 4 4.0.16 Patch Level 5 4.0.15 Patch Level 9 4.0.14 Patch Level 12 | workaround=Do not activate image support for any file-types in Content > Attachments or reduce the permitted dimensions after there are already uploads of the given type.[/template] 680 characters