mirrors/forgejo
2
0
Fork 1
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-06-22 10:02:15 +00:00
Code Issues Projects Releases Packages Wiki Activity
forgejo/routers/web/org/TestViewProjectPRLinkVisibility
History
Mathieu Fenniak 4b83448b7d 2026-06-10 security patches (#13001) 
- fix: prevent stored XSS in user display name on Actions page
- fix: LFS locks must belong to the intended repo, port from Gitea
- fix: prevent unauthorized access to draft releases via API
- fix: prevent writes to OpenID visibility which may affect other users
- fix: prevent viewing private PRs that are linked to public issues on public projects

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/13001
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@beocode.eu>
2026-06-10 06:05:01 +02:00
..
comment.yml 2026-06-10 security patches (#13001) 2026-06-10 06:05:01 +02:00
project_issue.yml 2026-06-10 security patches (#13001) 2026-06-10 06:05:01 +02:00