This is an automated email from the ASF dual-hosted git repository. linkinstar pushed a commit to branch docs/security in repository https://gitbox.apache.org/repos/asf/incubator-answer-website.git
commit f9feda82ad270d062e7f6fa5e49e3f21499246be Author: LinkinStars <[email protected]> AuthorDate: Mon Apr 22 10:54:41 2024 +0800 docs(security): update security document --- community/security.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/community/security.md b/community/security.md index 5ee7fde2..2fd07c35 100644 --- a/community/security.md +++ b/community/security.md @@ -8,6 +8,14 @@ The Apache Software Foundation takes a rigorous stance on eliminating security i # Security fixes +## v1.2.5 + +### CVE-2024-29217 + +XSS attack when user changes personal website. A logged-in user, when modifying their personal website, can input malicious code in the website to create such an attack. + +https://www.cve.org/CVERecord?id=CVE-2024-29217 + ## v1.2.1 ### CVE-2024-22393
