[MEDIUM] Kirby Panel users could upload PHP Phar archives as content files before v2.5.14 and v3.4.5

PKSA-68c1-zbdg-v43v CVE-2020-26255 GHSA-g3h8-cg9x-47qw

Affected package: getkirby/panel

Affected version: <2.5.14

Reported by:
GitHub