diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index c72230d8..49c9c6a0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -40,6 +40,7 @@ All notable changes to Gogs are documented in this file. - [Security] Potential ability to delete files outside a repository. - [Security] Potential ability to set primary email on others' behalf from their verified emails. - [Security] Potential XSS attack via `.ipynb`. [#5170](https://github.com/gogs/gogs/issues/5170) +- [Security] Potential SSRF attack via webhooks. [#5366](https://github.com/gogs/gogs/issues/5366) - [Security] Potential CSRF attack in admin panel. [#5367](https://github.com/gogs/gogs/issues/5367) - [Security] Potential RCE on mirror repositories. [#5767](https://github.com/gogs/gogs/issues/5767) - [Security] Potential XSS attack with raw markdown API. [#5907](https://github.com/gogs/gogs/pull/5907) |