Fix: Use PIMCORE_WEB_ROOT (#14970)

* Fix: Use PIMCORE_WEB_ROOT * Doc: Add Upgrade Notes * Revert "Doc: Add Upgrade Notes" This reverts commit 5316764.
pimcore · Apr 20, 2023 · deae04d · deae04d
1 parent b9c9ca2
commit deae04d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/bundles/AdminBundle/Controller/Admin/MiscController.php b/bundles/AdminBundle/Controller/Admin/MiscController.php
@@ -144,7 +144,7 @@ public function scriptProxyAction(Request $request)
                     throw $this->createNotFoundException('Directory not found!');
                 }
 
-                if(!str_starts_with($scriptPath, rtrim(str_replace('../', '', PIMCORE_PROJECT_ROOT), './'))) {
+                if(!str_starts_with($scriptPath, rtrim(str_replace('../', '', PIMCORE_WEB_ROOT), './'))) {
                     throw $this->createAccessDeniedException('Scripts not found! Please do not navigate out of the web root directory!');
                 }