-
Notifications
You must be signed in to change notification settings - Fork 277
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
25 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
## Security Update: XSS Vulnerability Fix | ||
|
||
We have released a new version (v8.0.7) that addresses a critical security vulnerability related to cross-site scripting (XSS). The issue was found in the `errmsg` parameter handling in the login endpoint. | ||
|
||
### Affected Versions | ||
- Versions 8.0.1 ~ 8.0.7 | ||
|
||
### Fixed Versions | ||
- Version v8.0.8 | ||
|
||
### Recommended Actions | ||
We strongly recommend all users to update to the latest version (1.0.3) immediately. You can update your project by following the instructions in our documentation. | ||
|
||
### Reporting Security Issues | ||
If you find any security issues, please report them to [[email protected]](mailto:[email protected]). We appreciate your help in keeping our project secure. | ||
|
||
Thank you for your attention to this important update. | ||
|
||
- The Security Team |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,8 @@ | ||
BuildVersion=latest v8.0.7 2024-05-17 13:47:07 | ||
BuildVersion=latest v8.0.7 2024-05-17 14:24:48 | ||
ReleaseVersion=v8.0.7 | ||
BuildTime=2024-05-17 13:47:07 | ||
BuildTime=2024-05-17 14:24:48 | ||
BuildName=toughradius | ||
CommitID=b4611353205746fcd10466dda836545c0cc59b37 | ||
CommitDate=Thu, 16 May 2024 16:33:04 +0800 | ||
CommitUser=jamiesun.net@gmail.com | ||
CommitSubject=2024-05-16 16:32:57 : fix text error | ||
CommitID=21a608ca5ffa2387294f22facb31d49daf9b6df3 | ||
CommitDate=Fri, 17 May 2024 13:50:28 +0800 | ||
CommitUser=noreply@github.com | ||
CommitSubject=Bump golang.org/x/net from 0.19.0 to 0.23.0 (#169) |