ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-10 23:36:14 -05:00

History

Fabien O'Carroll 944c2cc9af 🔒 Fixed member email change vulnerability refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr This updates the signup/signin flow for members to no longer support the email address change flow - which had missing authentication. It has been replaced with a dedicated email change flow, and Portal has been updated to use it.	2021-09-23 10:49:30 +01:00
..
app.js	🔒 Fixed member email change vulnerability	2021-09-23 10:49:30 +01:00
index.js

Fabien O'Carroll 944c2cc9af

🔒 Fixed member email change vulnerability

refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr

This updates the signup/signin flow for members to no longer support the
email address change flow - which had missing authentication. It has
been replaced with a dedicated email change flow, and Portal has been
updated to use it.

2021-09-23 10:49:30 +01:00

app.js

🔒 Fixed member email change vulnerability

2021-09-23 10:49:30 +01:00

index.js