sbrl-github/Pepperminty-Wiki
sbrl-github/Pepperminty-Wiki
1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-21 16:13:00 +00:00
Code Activity

Update changelog

Browse source
This commit is contained in:
Starbeamrainbowlabs 2021-09-21 14:10:02 +01:00
parent 7b6cbbe821
commit 978da55e00
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Changelog.md
View file

@ -7,6 +7,7 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
### Fixed
- [security] Fixed an XSS vulnerability in the `format` GET parameter of the `stats` action (thanks, @JamieSlome)
- [security] Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome)
- [security] Ensure that Javascript in SVGs never gets executed (it's too challenging to strip it, since it could be lurking in many different places - according to [this answer](https://stackoverflow.com/a/68505306/1460422) even Inkscape doesn't strip all Javascript when asked to)
## v0.23