From 1fba5309895f1e895de4fbbd7cfac07a4512ded9 Mon Sep 17 00:00:00 2001
From: javier-ceron <122475680+javier-ceron@users.noreply.github.com>
Date: Fri, 4 Aug 2023 08:47:26 -0500
Subject: [PATCH] Fix cve-2023-24249 https://flyd.uk/post/cve-2023-24249
---
 src/Form/Field/Image.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Form/Field/Image.php b/src/Form/Field/Image.php
index 800b5e54f0..730218d225 100644
--- a/src/Form/Field/Image.php
+++ b/src/Form/Field/Image.php
@@ -18,7 +18,7 @@ class Image extends File
 *
 * @var string
 */
- protected $rules = 'image';
+ protected $rules = 'image|mimes:jpg,png,jpeg,gif,svg,webp';
 /**
 * @param array|UploadedFile $image
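Review bot: The new allowlist on `$rules` still admits `svg`, and an SVG is an XML document that can carry script, so an uploaded SVG served from the application's own origin remains a stored-XSS risk; unless SVG upload is a requirement, I would drop it: `protected $rules = 'image|mimes:jpg,png,jpeg,gif,webp';`. Separately, Laravel's `mimes` rule matches the MIME type guessed from the file's contents rather than the client-supplied filename, so this line on its own does not constrain the extension the file ends up stored under. The rest of the `Image` class, including where the upload is named and written, is outside this hunk, so it is worth confirming there that the saved extension comes from the detected type or a fixed allowlist and not from the original name. The property's docblock ("@var string") could also state that this is a content-based allowlist, so the next maintainer does not read it as an extension check.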