0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/test/unit/frontend
Fabien "egg" O'Carroll b82dc7ae7c 🔒 Fixed RCE exploit with date helper & locale setting
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8

A vulnerability in an upstream library means an attacker can abuse locale input
to execute arbitrary commands from a file that has previously been uploaded
using the file upload functionality in the post editor.
2022-06-14 22:50:22 -04:00
..
apps Cleaned up AMP rendering of "page" resources 2022-05-17 11:39:52 +08:00
helpers 🔒 Fixed RCE exploit with date helper & locale setting 2022-06-14 22:50:22 -04:00
meta 🎨 Reduced favicon requirements and added image formatting (#14918) 2022-05-27 16:36:53 +02:00
services Fixed frontend rendering of page resource 2022-05-16 22:06:55 +08:00
web/middleware 🎨 Reduced favicon requirements and added image formatting (#14918) 2022-05-27 16:36:53 +02:00