Skip to content

Security: talkincode/toughradius

Security

SECURITY.md

Security Update: XSS Vulnerability Fix

We have released a new version (v8.0.7) that addresses a critical security vulnerability related to cross-site scripting (XSS). The issue was found in the errmsg parameter handling in the login endpoint.

Affected Versions

  • Versions 8.0.1 ~ 8.0.7

Fixed Versions

  • Version v8.0.8

Recommended Actions

We strongly recommend all users to update to the latest version (1.0.3) immediately. You can update your project by following the instructions in our documentation.

Reporting Security Issues

If you find any security issues, please report them to jamiesun.net@gmail.com. We appreciate your help in keeping our project secure.

Thank you for your attention to this important update.

  • The Security Team

There aren’t any published security advisories