Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bedita CMS 3.6.0 – Publication Module Bug Report #755

Closed
cybersecurityworks opened this issue Oct 14, 2015 · 11 comments
Closed

Bedita CMS 3.6.0 – Publication Module Bug Report #755

cybersecurityworks opened this issue Oct 14, 2015 · 11 comments

Comments

@cybersecurityworks
Copy link

Hi Team:

please find the detail report link below

cybersecurityworks/Disclosed#8

@stefanorosanelli
Copy link
Member

Thanks @cybersecurityworks - we are analyzing the problem right away

@batopa
Copy link
Member

batopa commented Oct 15, 2015

Under investigation 🔬

@cybersecurityworks
Copy link
Author

XSS security issue fix ?

@batopa
Copy link
Member

batopa commented Oct 31, 2015

Yes it is fixed on 3-corylus branch. We will release the version with the fix soon.

@batopa batopa closed this as completed Oct 31, 2015
@cybersecurityworks
Copy link
Author

Can i know, when fixed version will release?

@batopa
Copy link
Member

batopa commented Nov 13, 2015

@cybersecurityworks we should prepare the release shortly, we are fixing the last things. Anyway we'll inform you as soon as possible

@cybersecurityworks
Copy link
Author

Thanks batopa.

@cybersecurityworks
Copy link
Author

Hi batopa:

We are making a public disclose for the issue. please confirm the release date?

@batopa
Copy link
Member

batopa commented Dec 10, 2015

Hi @cybersecurityworks,
we had unexpected issues and the release date was delayed.
We are almost ready and we are testing last things before release it. You can expect to see the new release in the next few days.

@cybersecurityworks
Copy link
Author

Hi @batopa
Thanks for update.

@cybersecurityworks
Copy link
Author

Hi @batopa
I really appreciate your collaboration and patience while we work with you on these issue. Thanks for your patience effort and time taken

Thanks alot for the credit

As issue has been fixed, we are making public disclosed for the same.

qwerg added a commit that referenced this issue Dec 20, 2016
…/github.com/bedita/bedita into issue/577-EPUB-3-import-export-capabilities

* 'issue/577-EPUB-3-import-export-capabilities' of https://github.com/bedita/bedita: (186 commits)
  fix be_thumb merge
  [minor] Fix notice in templates.
  #670 Improve consistency in persisted DateItems.
  As of dateinput, add numberinput css class to custom property form of type "number"
  [minor] add session error message logging invalid session
  [minor] API: less restrictive related_id and child_id check
  #755 fix XSS security hole
  [minor] fix wrong objectRelation instead of ObjectRelation in ClassRegistry init
  #670 Preserve extra parameters in Events module.
  #744 comment
  #744 add minimal set of /poster params
  #744 handle filter[] in url params
  #670 Allow JS date picker to be disabled. jQuery UI's DatePicker prevents user from using b.C. dates properly.
  #744 refactoring
  #744 add unit test checking query string names
  #744 implement configurable query string names check
  #670 Handle negative dates passed via form parameter.
  #747 skip mod_rewrite apply on core.php
  [minor] Fix model not instantiated.
  [minor] Multimedia module: avoid notice saving in some situations
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants