Translations:2021-12 security release/FAQ/28/en


 * CVE-2021-45038: The "rollback" feature could be passed a specially crafted parameter that allowed an attacker to view the contents of arbitrary pages, regardless of whether they had permissions to do so.