Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-22 18:30:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
12758 commits 2 branches 844 tags 123 MiB
Commit graph

6 commits

Author SHA1 Message Date
Lauri Ojansivu
ccd9034339 Fix SECURITY ISSUE 5: Attachment API uses bearer value as userId and DoS (Low). 
Thanks to Siam Thanat Hack (STH) and xet7 !
 2025-11-02 11:42:07 +02:00
Lauri Ojansivu
0a1a075f31 Fix SECURITY ISSUE 4: Members can forge others’ votes (Low). Bonus: Similar fixes to planning poker too done by xet7. 
Thanks to Siam Thanat Hack (STH) and xet7 !
 2025-11-02 11:12:41 +02:00
Lauri Ojansivu
ea310d7508 Fix SECURITY ISSUE 3: Unauthenticated (or any) user can update board sort. 
Thanks to Siam Thanat Hack (STH) !
 2025-11-02 10:13:45 +02:00
Lauri Ojansivu
f26d582018 Fix SECURITY ISSUE 2: Access to boards of any Orgs/Teams, and avatar permissions. 
Thanks to Siam Thanat Hack (STH) !
 2025-11-02 09:11:50 +02:00
Lauri Ojansivu
0f34d407a4 Try to fix tests. Part 3. 
Thanks to xet7 !
 2021-06-24 23:37:13 +03:00
Lauri Ojansivu
7f648720af Try to fix tests. Part 2. 
Thanks to xet7 !
 2021-06-24 23:08:14 +03:00