Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-04-15 03:01:37 -05:00
Code Issues Activity
ghost/core
History
Hannah Wolfe 14b3431de1
🔒 Removed unused and insecure preview endpoint 
refs: https://github.com/TryGhost/Ghost/security/advisories/GHSA-9fgx-q25h-jxrg

- This was part of an experiment during the build phase of 4.0. We never ended up using it, but the endpoint wasn't cleaned up.
- The endpoint leaves sites open to a security vulnerability. Anyone running 4.x should update to 4.3.3

Credits: Paul Gerste, SonarSource (https://www.sonarsource.com/)
2021-04-29 12:10:39 +01:00
..
client@87e700fe35 Updated Ghost-Admin to v4.3.2 2021-04-22 17:32:41 +01:00
frontend Moved hbs engine into new theme engine service 2021-04-19 20:03:30 +01:00
server 🔒 Removed unused and insecure preview endpoint 2021-04-29 12:10:39 +01:00
shared Bumped @tryghost/members-api & Portal versions (#12836) 2021-04-05 16:29:17 +01:00
app.js Added Sentry to new boot process 2021-02-19 09:20:41 +00:00
boot.js Fixed Ghost hiding config errors behind a crash 2021-03-18 16:32:51 +00:00