Masu haɓaka tsarin sarrafa abun ciki kyauta Joomla game da gano gaskiyar cewa cikakkun kwafin ajiyar yanar gizo na Resources.joomla.org, gami da bayanan mai amfani da JRD (Joomla Resources Directory), an sanya su a cikin wurin ajiya na ɓangare na uku.
Ba a rufaffen bayanan ajiyar ba kuma sun haɗa da bayanai daga membobi 2700 da suka yi rajista akan Resources.joomla.org, rukunin yanar gizon da ke tattara bayanai game da masu haɓakawa da masu siyarwa waɗanda suka ƙirƙiri rukunin yanar gizo na Joomla. Baya ga bayanan sirri da ake samu a bainar jama'a, ma'adanin ya ƙunshi bayanai game da hashes na kalmar sirri, bayanan da ba a buga ba, da adiresoshin IP. Ana shawartar duk masu amfani da suka yi rajista a cikin kundin adireshin JRD su canza kalmomin shiga su kuma bincika yiwuwar kwafin kalmomin shiga akan wasu ayyuka.
Mahalarta aikin ne ya sanya wariyar ajiya akan ajiya na ɓangare na uku a cikin Ayyukan Yanar Gizo na Amazon S3, mallakar wani kamfani na ɓangare na uku wanda tsohon shugaban ya kafa. JRD, wanda ya kasance cikin masu haɓakawa a lokacin da abin ya faru. Har yanzu ba a kammala nazarin lamarin ba kuma ba a bayyana ko kwafin ajiyar ya fada hannu na uku ba. A lokaci guda kuma, binciken da aka gudanar bayan faruwar lamarin ya nuna cewa sabar.joomla.org tana ƙunshe da asusu tare da haƙƙin gudanarwa waɗanda ba na ma'aikatan kamfanin Open Source Matters ba, wanda ke kula da aikin Joomla (ba a fayyace ta yaya ba. haɗa waɗannan mutanen suna zuwa aikin).
source: budenet.ru