🌐 AI搜索 & 代理 主页
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: bubdm/BlogEngine.NET
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: BlogEngine/BlogEngine.NET
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 12 commits
  • 7 files changed
  • 5 contributors

Commits on May 5, 2022

  1. Added 'SameSite=Strict' cookie attribute, reducing overall CSRF attac… 

    …k surface
    0xLanks authored and 0xLanks committed May 5, 2022
    Configuration menu
    Copy the full SHA
    4033c72 View commit details
    Browse the repository at this point in the history

  2. Fixed XXE vulnerability when importing a new blog

    0xLanks authored and 0xLanks committed May 5, 2022
    Configuration menu
    Copy the full SHA
    16343de View commit details
    Browse the repository at this point in the history

  3. Fixed authorization controls on controller actions and added path san… 

    …itization preventing path traversal
    0xLanks authored and 0xLanks committed May 5, 2022
    Configuration menu
    Copy the full SHA
    035bc37 View commit details
    Browse the repository at this point in the history

Commits on May 6, 2022

  1. Merge pull request BlogEngine#247 from 0xLanks/fix-security-issues 

    Fixed security issues
    @rxtur
    rxtur authored May 6, 2022
    Configuration menu
    Copy the full SHA
    7f92756 View commit details
    Browse the repository at this point in the history

Commits on Oct 24, 2022

  1. fix CVE-2022-41418

    @tree-chtsec
    tree-chtsec committed Oct 24, 2022
    Configuration menu
    Copy the full SHA
    61daddf View commit details
    Browse the repository at this point in the history

  2. fix CVE-2022-41417. 

    But GetDirectory() will create folder if not exists by design. The
problem exists in ~/App_Data/Files/<here> despite this fix.
    @tree-chtsec
    tree-chtsec committed Oct 24, 2022
    Configuration menu
    Copy the full SHA
    9a8a7e3 View commit details
    Browse the repository at this point in the history

Commits on Jan 12, 2023

  1. fix

    @farzindev
    farzindev committed Jan 12, 2023
    Configuration menu
    Copy the full SHA
    43d25d8 View commit details
    Browse the repository at this point in the history

  2. Merge pull request BlogEngine#260 from tree-chtsec/master 

    Fixed security issues
    @farzindev
    farzindev authored Jan 12, 2023
    Configuration menu
    Copy the full SHA
    9a37bd1 View commit details
    Browse the repository at this point in the history

  3. fix

    @farzindev
    farzindev committed Jan 12, 2023
    Configuration menu
    Copy the full SHA
    9742bb7 View commit details
    Browse the repository at this point in the history

  4. Merge branch 'master' of github.com:BlogEngine/BlogEngine.NET

    @farzindev
    farzindev committed Jan 12, 2023
    Configuration menu
    Copy the full SHA
    15164ea View commit details
    Browse the repository at this point in the history

  5. fix url

    @farzindev
    farzindev committed Jan 12, 2023
    Configuration menu
    Copy the full SHA
    d0460d1 View commit details
    Browse the repository at this point in the history

  6. fix url

    @farzindev
    farzindev committed Jan 12, 2023
    Configuration menu
    Copy the full SHA
    95c8426 View commit details
    Browse the repository at this point in the history
Loading