peezy-tech/jojo
2
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-05-12 22:10:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
jojo/routers
History
Gusted f488689c47 fix: check that attachments belong to correct resource 
It was possible to hijack attachments during update and create functions
to another owner as permissions to check they weren't already attached
to another resource and wasn't checked if it belonged to the repository
that was being operated on.
2026-03-06 11:20:50 -07:00
..
api [v11.0/forgejo] 2025-11-21 combined security patches (#10039) 2025-11-21 04:31:31 +01:00
common [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00
install [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00
private fix(sec): only degrade permission check for git push 2025-05-02 07:05:38 +02:00
utils [PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167) 2024-04-15 13:03:08 +00:00
web fix: check that attachments belong to correct resource 2026-03-06 11:20:50 -07:00
init.go [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00