SS-2015-024: Queued jobs serialised data exposure
- Low (?)
- Versions Affected:
- 2.8.1 and below
- Versions Fixed:
- Release Date:
SavedJobData and SavedJobMessages contain php serialised data. There's no point showing these to a CMS Admin as they're not human readable. Worse, it might be insecure, as a malicious CMS Admin might be able to craft a payload thats dangerous to unserialise.
This issue has been resolved by hiding this content, even from administrators.