Administrator ANDROS Posted December 17, 2019 Administrator Share Posted December 17, 2019 Security Block binary/octal/hex/decimal based hostnames from being submitted in forms that could trigger an SSRF. Gfycat OEmbed endpoint could create XSS. Also informed Gfycat of issue. - Thanks to René Kroka - https://renekroka.cz for reporting this issue. Addition attachment permission checks when downloading attachments. Открыть версия ✔ Наши пользователи помогли вам решить проблему? 💸 Наградите их реакцией и поддержите наш форум оформив подписку! 💎 Покупая премиум вы получаете дополнительные возможности и тем самым поддерживаете нас в продолжении! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now