mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-25 05:22:59 +00:00
Update changelog
This commit is contained in:
parent
7b6cbbe821
commit
978da55e00
1 changed files with 1 additions and 0 deletions
|
@ -7,6 +7,7 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
|
||||||
### Fixed
|
### Fixed
|
||||||
- [security] Fixed an XSS vulnerability in the `format` GET parameter of the `stats` action (thanks, @JamieSlome)
|
- [security] Fixed an XSS vulnerability in the `format` GET parameter of the `stats` action (thanks, @JamieSlome)
|
||||||
- [security] Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome)
|
- [security] Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome)
|
||||||
|
- [security] Ensure that Javascript in SVGs never gets executed (it's too challenging to strip it, since it could be lurking in many different places - according to [this answer](https://stackoverflow.com/a/68505306/1460422) even Inkscape doesn't strip all Javascript when asked to)
|
||||||
|
|
||||||
|
|
||||||
## v0.23
|
## v0.23
|
||||||
|
|
Loading…
Reference in a new issue