Skip to content

Version 2.2.1
Compare
Choose a tag to compare
@jmattheis jmattheis released this 28 Dec 19:47
· 42 commits to master since this release
v2.2.1
022603d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Fix an XSS vulnerability in the application file upload. It allowed
authenticated users to upload .html files. With that, an attacker could
execute client side scripts if another user opened a link such as: (#534)

https://push.gotify.net/image/ViaxrjzNowdgL-xnEfVV-Ggv5.html
Assets 9