Jump to content

IPS Community Suite

Recommended Posts

IPS Community Suite


Block binary/octal/hex/decimal based hostnames from being submitted in forms that could trigger an SSRF.

Gfycat OEmbed endpoint could create XSS. Also informed Gfycat of issue. - Thanks to René Kroka - https://renekroka.cz for reporting this issue.

Addition attachment permission checks when downloading attachments.

Edited by Jack
Link to comment
This topic is now closed to further replies.
  • Create New...