New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bedita CMS 3.6.0 – Publication Module Bug Report #755

Closed
cybersecurityworks opened this Issue Oct 14, 2015 · 11 comments

Comments

Projects
None yet
3 participants
@cybersecurityworks

cybersecurityworks commented Oct 14, 2015

Hi Team:

please find the detail report link below

cybersecurityworks/Disclosed#8

@stefanorosanelli

This comment has been minimized.

Member

stefanorosanelli commented Oct 14, 2015

Thanks @cybersecurityworks - we are analyzing the problem right away

@batopa

This comment has been minimized.

Member

batopa commented Oct 15, 2015

Under investigation 🔬

batopa added a commit that referenced this issue Oct 16, 2015

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Oct 31, 2015

XSS security issue fix ?

@batopa

This comment has been minimized.

Member

batopa commented Oct 31, 2015

Yes it is fixed on 3-corylus branch. We will release the version with the fix soon.

@batopa batopa closed this Oct 31, 2015

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Nov 12, 2015

Can i know, when fixed version will release?

@batopa

This comment has been minimized.

Member

batopa commented Nov 13, 2015

@cybersecurityworks we should prepare the release shortly, we are fixing the last things. Anyway we'll inform you as soon as possible

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Nov 13, 2015

Thanks batopa.

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Dec 10, 2015

Hi batopa:

We are making a public disclose for the issue. please confirm the release date?

@batopa

This comment has been minimized.

Member

batopa commented Dec 10, 2015

Hi @cybersecurityworks,
we had unexpected issues and the release date was delayed.
We are almost ready and we are testing last things before release it. You can expect to see the new release in the next few days.

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Dec 11, 2015

Hi @batopa
Thanks for update.

@cybersecurityworks

This comment has been minimized.

cybersecurityworks commented Dec 11, 2015

Hi @batopa
I really appreciate your collaboration and patience while we work with you on these issue. Thanks for your patience effort and time taken

Thanks alot for the credit

As issue has been fixed, we are making public disclosed for the same.

qwerg added a commit that referenced this issue Dec 20, 2016

Merge branch 'issue/577-EPUB-3-import-export-capabilities' of https:/…
…/github.com/bedita/bedita into issue/577-EPUB-3-import-export-capabilities

* 'issue/577-EPUB-3-import-export-capabilities' of https://github.com/bedita/bedita: (186 commits)
  fix be_thumb merge
  [minor] Fix notice in templates.
  #670 Improve consistency in persisted DateItems.
  As of dateinput, add numberinput css class to custom property form of type "number"
  [minor] add session error message logging invalid session
  [minor] API: less restrictive related_id and child_id check
  #755 fix XSS security hole
  [minor] fix wrong objectRelation instead of ObjectRelation in ClassRegistry init
  #670 Preserve extra parameters in Events module.
  #744 comment
  #744 add minimal set of /poster params
  #744 handle filter[] in url params
  #670 Allow JS date picker to be disabled. jQuery UI's DatePicker prevents user from using b.C. dates properly.
  #744 refactoring
  #744 add unit test checking query string names
  #744 implement configurable query string names check
  #670 Handle negative dates passed via form parameter.
  #747 skip mod_rewrite apply on core.php
  [minor] Fix model not instantiated.
  [minor] Multimedia module: avoid notice saving in some situations
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment