OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e53bd0bfd5
Ghost/test/unit
History
Fabien "egg" O'Carroll b82dc7ae7c 🔒 Fixed RCE exploit with date helper & locale setting 
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8

A vulnerability in an upstream library means an attacker can abuse locale input
to execute arbitrary commands from a file that has previously been uploaded
using the file upload functionality in the post editor.
2022-06-14 22:50:22 -04:00
..
api Removed GA feature flags (#14915) 2022-05-26 09:54:30 +02:00
frontend 🔒 Fixed RCE exploit with date helper & locale setting 2022-06-14 22:50:22 -04:00
server Added getLazyRelation model helper method (#14943) 2022-05-31 13:21:53 +02:00
shared Fixed minor weirdnesses with excerpts 2022-05-24 12:35:59 +01:00