Update on Vulnerability Report #1128
Comments
@Glandos does that ring a bell?
Ping @Glandos? The page is private. Did we fix this already?
Yep, it's about a template injection, but it's unclear to me if it's valid. I commented on the huntr page. By the way, if you log in via GitHub on Huntr, you should be able to access the page as a member.
This is indeed not a security problem, and there is no template injection here. Closing.
Indeed, both the report and the suggested patch are bogus. The apparent "injection" is not actually an injection; it merely shows that the project ID is derived from the project name. Btw, the huntr link seems to be public now.
Hello maintainer,
A few months ago I submitted a vulnerability report via huntr.dev. Any update on that?
Here is the report link:
https://huntr.dev/bounties/3519b110-33db-4c1a-b720-0627dc14a4c6/