Unknown · Jdownloads · CVE-2022-27909
**Name of the Vulnerable Software and Affected Versions**
jDownloads version 3.9.8.2
**Description**
The issue allows a remote user to modify parameters in the address bar and access the names of other users' files.
**Recommendations**
For version 3.9.8.2, consider restricting access to sensitive file information until a patch is available.
As a temporary workaround, avoid using the vulnerable component of the jDownloads module to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.