Highjordandrakop

**Name of the Vulnerable Software and Affected Versions** Initiative versions prior to 0.32.2 **Description** An access control issue exists in Initiative, a self-hosted project management platform. Uploaded documents are served from a publicly accessible `/uploads/` directory without authentication or authorization checks. This allows unauthenticated users to access any uploaded file directly via its URL, potentially leading to the disclosure of sensitive documents. **Recommendations** Update to version 0.32.2 or later.