discourse

mirror of https://github.com/discourse/discourse.git synced 2024-12-12 08:06:57 +08:00

History

Daniel Waterworth 7616e9b540 SECURITY: Validate email constraints when trying to redeem an invite (#17182 ) In certain situations, a logged in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggrevated when the invite has been configured to add the user that accepts the invite into restricted groups. Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>		2022-06-21 13:25:10 -05:00
..
assets	DEV: Fix auto start for wizard qunit tests (#16988 )	2022-06-03 12:44:42 +08:00
controllers	SECURITY: Validate email constraints when trying to redeem an invite (#17182 )	2022-06-21 13:25:10 -05:00
helpers	DEV: Support for running theme test with Ember CLI (third attempt)	2022-01-13 16:02:07 -05:00
jobs	SECURITY: Hide private categories in user activity export (#16276 )	2022-03-24 15:56:50 +10:00
mailers	DEV: Hash tokens stored from email_tokens (#14493 )	2021-11-25 09:34:39 +02:00
models	SECURITY: Validate email constraints when trying to redeem an invite (#17182 )	2022-06-21 13:25:10 -05:00
serializers	SECURITY: Category group permissions leaked to normal users.	2022-04-08 11:04:59 +02:00
services	FIX: Prevent "integer out of range" when merging post timings (#15723 )	2022-01-26 23:34:28 +01:00
views	DEV: Support for running theme test with Ember CLI (third attempt)	2022-01-13 16:02:07 -05:00