OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e53bd0bfd5
Ghost/test
History
Fabien "egg" O'Carroll b82dc7ae7c 🔒 Fixed RCE exploit with date helper & locale setting 
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8

A vulnerability in an upstream library means an attacker can abuse locale input
to execute arbitrary commands from a file that has previously been uploaded
using the file upload functionality in the post editor.
2022-06-14 22:50:22 -04:00
..
e2e-api 🐛 Fixed an error when updating a user 2022-06-02 12:13:27 +01:00
e2e-browser Added note about installing the E2E browsers 2022-02-22 10:20:40 +01:00
e2e-frontend Removed GA feature flags (#14915) 2022-05-26 09:54:30 +02:00
e2e-server 🐛 Fixed signing key identificaiton in JWKs 2022-05-24 12:20:30 +01:00
e2e-webhooks Added e2e test coverage for post.added event 2022-06-03 14:56:55 +08:00
integration Added integration test for MEGA.sendEmailJob (#14944) 2022-05-30 15:41:02 +02:00
regression Updated mapping for stripe_products when product import is skipped (#14965) 2022-06-03 17:31:53 +01:00
unit 🔒 Fixed RCE exploit with date helper & locale setting 2022-06-14 22:50:22 -04:00
utils Added webhook fixute utils 2022-06-03 11:57:39 +08:00
.eslintignore Updated casper test fixture to latest version 2022-01-25 14:10:53 +00:00
.eslintrc.js Upgraded no-skipped-test rule to error 2021-05-26 14:57:43 +01:00
.jshintrc Move tests from core to root (#11700) 2020-03-30 16:26:47 +01:00