VWE-2017-4032 Viewing Source [template]Vulnerability | cve= | aka= | severity=Medium | difficulty=Easy | platform=vB | description=Permissions escalation. Users may be able to upload images that exceed maximum allowed dimensions and/or file-size if admin has chosen to store the binary data of uploaded attachments in the database. | lite=no | discover-date=September 20, 2017 | patch-date=September 24, 2017 | patches=4.0.19 Patch Level 2 4.0.18 Patch Level 3 4.0.17 Patch Level 5 4.0.16 Patch Level 6 4.0.15 Patch Level 10 | workaround=In the Wiki Admin Panel, go to Content > Attachments, and make sure that attachments are stored as files.[/template] 640 characters