Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity
ghost/core/frontend
History
Fabien O'Carroll b6be89a44f
🔒 Fixed member email change vulnerability 
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr

This updates the signup/signin flow for members to no longer support the
email address change flow - which had missing authentication. It has
been replaced with a dedicated email change flow, and Portal has been
updated to use it.
2021-09-23 10:46:00 +01:00
..
apps 🔒 Fixed open redirect in private site login 2021-01-26 16:42:42 +00:00
helpers 🔒 Fixed member email change vulnerability 2021-09-23 10:46:00 +01:00
meta Refactored core/server/lib/image for Dependency Injection (#12463) 2020-12-09 13:19:22 +01:00
services Fixed fs error during theme install deleting active theme (#12688) 2021-02-23 10:50:23 +00:00
views Updated unsubscribe copy 2019-11-26 11:03:14 +01:00