I have some K2 items and I have attached a attachments for them and set Access Level for them so non-registtered users can not see the items. But the attachments are directly accessible by putting their real url through browser like this:
How can I prevent this to happen?
I'm assuming the attachments are stored in SharePoint Library, similar to this.
When you start giving users View rights to the library, they can download and edit the attachment. Perhaps, this MS post might help your case