Commit Graph

2 Commits

Author SHA1 Message Date
Vinoth Kannan
7b53e610c1
SECURITY: limit the number of characters in watched word replacements.
The watch words controller creation function, create_or_update_word(), doesn’t validate the size of the replacement parameter, unlike the word parameter, when creating a replace watched word. So anyone with moderator privileges can create watched words with almost unlimited characters.
2024-07-15 19:25:17 +08:00
Régis Hanol
f4acb43ee7 DEV: add watched words system spec 2024-04-30 19:16:47 +02:00