Total.js platform
Total.js platform

JavaScript platform for everyone

A critical security bug in Total.js Eshop + CMS

A critical security bug in Total.js Eshop + CMS


We are really sorry, but this is life. Sometimes we are teachers and sometimes we are students. We found a critical security bug in Total.js Eshop and CMS yesterday. Please follow the instructions below:

  • first reinstall Total.js to +v2.2.0 (npm install total.js)
  • check your source-code:

Open yourapp/controllers/default.js and find a file_read function and modify it as shown below:

FIX:

Do you have any questions? Contact use via our HelpDesk system.

We apologize for the inconvenience.