-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bedita CMS 3.6.0 – Publication Module Bug Report #755
Comments
Thanks @cybersecurityworks - we are analyzing the problem right away |
Under investigation 🔬 |
XSS security issue fix ? |
Yes it is fixed on 3-corylus branch. We will release the version with the fix soon. |
Can i know, when fixed version will release? |
@cybersecurityworks we should prepare the release shortly, we are fixing the last things. Anyway we'll inform you as soon as possible |
Thanks batopa. |
Hi batopa: We are making a public disclose for the issue. please confirm the release date? |
Hi @cybersecurityworks, |
Hi @batopa |
Hi @batopa Thanks alot for the credit As issue has been fixed, we are making public disclosed for the same. |
…/github.com/bedita/bedita into issue/577-EPUB-3-import-export-capabilities * 'issue/577-EPUB-3-import-export-capabilities' of https://github.com/bedita/bedita: (186 commits) fix be_thumb merge [minor] Fix notice in templates. #670 Improve consistency in persisted DateItems. As of dateinput, add numberinput css class to custom property form of type "number" [minor] add session error message logging invalid session [minor] API: less restrictive related_id and child_id check #755 fix XSS security hole [minor] fix wrong objectRelation instead of ObjectRelation in ClassRegistry init #670 Preserve extra parameters in Events module. #744 comment #744 add minimal set of /poster params #744 handle filter[] in url params #670 Allow JS date picker to be disabled. jQuery UI's DatePicker prevents user from using b.C. dates properly. #744 refactoring #744 add unit test checking query string names #744 implement configurable query string names check #670 Handle negative dates passed via form parameter. #747 skip mod_rewrite apply on core.php [minor] Fix model not instantiated. [minor] Multimedia module: avoid notice saving in some situations ...
Hi Team:
please find the detail report link below
cybersecurityworks/Disclosed#8
The text was updated successfully, but these errors were encountered: