DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-09-20 07:47:41 -07:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity
snipe-it/app
History
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
..
Console Added 4260352 to ldapsync enabled account constraint 2019-10-18 17:48:50 -07:00
Events Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00
Exceptions Fixes #7252 form request changes (#7272) 2019-07-18 14:32:23 -07:00
Helpers Fixed more camel-casing -> snake-casing 2019-05-24 16:01:12 -07:00
Http Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 2019-12-05 22:23:05 -08:00
Importer Apply fix for #6642 to master 2019-09-30 19:21:57 -07:00
Jobs Version 3 - hold onto your butts 2016-03-25 01:18:05 -07:00
LegacyEncrypter First stab at a recrypter for legacy mcrypt conversion 2017-08-21 22:30:56 -07:00
Listeners Fixed typo 2018-07-17 01:03:32 -07:00
Models Fixed comment (#7617) 2019-11-22 16:13:42 -08:00
Notifications Fixes #6204 - added email alerts and web/API access to assets due for audits (#6992) 2019-05-05 22:32:52 -04:00
Observers Fixed #4652 - asset not correctly checking out to user on creation 2018-01-17 12:10:28 -08:00
Policies Fixed #6956 - viewKeys policy inconsistent (#7009) 2019-05-08 08:14:49 -04:00
Presenters Removed escaping on custom fields in presenter (#7631) 2019-12-03 17:42:13 -08:00
Providers Increased image size to 800px, added lightboxes 2019-05-24 19:11:08 -07:00