Update on Vulnerability Report

[AkshayraviC09YC47]

Hello maintainer,

Few months ago i have submitted a vulnerability report via huntr.dev any update on that?

Here is the report link:
https://huntr.dev/bounties/3519b110-33db-4c1a-b720-0627dc14a4c6/

[zorun]

@Glandos does that ring a bell?

[zorun]

Ping @Glandos ? The page is private. Did we fix this already?

[Glandos]

Yep, it's about a template injection, but it's unclear for me if it's valid. I commented on the huntr page.

By the way, if you log in via GitHub on Huntr, you should be able to access the page as a member.

[almet]

This is indeed not a security problem, and there is no template injection here. Closing.

[zorun]

Indeed, both the report and the suggested patch are bogus. The apparent "injection" is not actually an injection, it merely shows that the projet ID is derived from the projet name.

Btw, the huntr link seems to be public now.