Users which has still installed the version <= 3.9.8.2 should update immediately to the latest 3.9.8.3 release.
The leak, which was fixed in the latest version, allowed a registered user to view the names of files that had been assigned to individual other users. This vulnerability was reported by the RedHotCyber team. You can read detailed information here.
