Same issue as #24 which was unfortunately not recognized for the severe bug that it is.
Yesterday I explained privately the issue to @sheehan and supplied him a POC. Will add the same information here once a fix is released (or otherwise to expedite its release), but for now this issue should merely serve to keep track of it publicly
The text was updated successfully, but these errors were encountered:
Thank you, I confirm that now this functionality appears secure.
Here's the POC people can use to check if they're vulnerable (just check if your browser network inspector if you're receiving back a 403 when visiting the poc page)
Same issue as #24 which was unfortunately not recognized for the severe bug that it is.
Yesterday I explained privately the issue to @sheehan and supplied him a POC. Will add the same information here once a fix is released (or otherwise to expedite its release), but for now this issue should merely serve to keep track of it publicly
The text was updated successfully, but these errors were encountered: