New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some security vulnerabilities in v1.32.3 #2399
Comments
This was referenced Jan 19, 2019
Progress:
|
I think all issues are addressed once #2434 is merged. I've also been adding CSP for script-src to some pages to mitigate XSS in the future. |
This sounds like a good decision. |
I guess this can be closed now. Thanks for the report! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe Your Environment
Describe the bug
some security vulnerabilities in v1.32.3
To Reproduce
some details in some datails
Expected behavior
The above problems can lead to user information leakage, unauthorized operation, server command execution...
The text was updated successfully, but these errors were encountered: