Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity
ghost/core/server/web
History
Hannah Wolfe 14b3431de1
🔒 Removed unused and insecure preview endpoint 
refs: https://github.com/TryGhost/Ghost/security/advisories/GHSA-9fgx-q25h-jxrg

- This was part of an experiment during the build phase of 4.0. We never ended up using it, but the endpoint wasn't cleaned up.
- The endpoint leaves sites open to a security vulnerability. Anyone running 4.x should update to 4.3.3

Credits: Paul Gerste, SonarSource (https://www.sonarsource.com/)
2021-04-29 12:10:39 +01:00
..
admin 🔒 Removed unused and insecure preview endpoint 2021-04-29 12:10:39 +01:00
api Added Products API to Admin API 2021-04-20 13:04:51 +01:00
members Enabled Members for all sites (#12582) 2021-02-02 16:12:53 +00:00
parent Fixed incorrect require for lodash package 2020-06-01 08:42:58 +01:00
shared Enabled Members for all sites (#12582) 2021-02-02 16:12:53 +00:00
site Used themeService as var name everywhere 2021-04-19 19:41:13 +01:00
index.js
well-known.js Added Router etc to shared/express + use everywhere 2020-05-01 19:32:57 +01:00