##// END OF EJS Templates
changelog: escape the graph branch name to prevent XSS.
changelog: escape the graph branch name to prevent XSS.

File last commit:

r2665:f42f8690 stable
r2994:6936fe23 default
Show More
release-notes-4.11.6.rst
41 lines | 489 B | text/x-rst | RstLexer

|RCE| 4.11.6 |RNS|

Release Date

  • 2018-03-28

New Features

General

Security

  • api(high): fixed unauthorized access to repositories using forged api requests.

Performance

Fixes

Upgrade notes

  • Unscheduled security release addressing found vulnerability in the API that allows attackers to gain access to repositories in unauthorized way by forging data in the API request.