Security issues with 1.1.3 flatfile