Several Security Issues Identified
jmrcsnchz opened this issue · 3 comments
jmrcsnchz commented
[SECURITY]
Security Issues
Hi, we are a group of security consultants / researchers and we've identified a number of security issues in this project (ranging from SQL injection, XSS, to Account Privilege Escalation). We would like to disclose these vulnerabilities responsibly and we're hoping to get in touch with the repo maintainer. Please don't hesitate to reach out via my email. Thanks!
jmrcsnchz commented
Hi! Nice work for the very quick fixes. May I ask if you requested CVE for
them?
…On Wed, 31 Jan 2024, 8:58 am WillyXJ, ***@***.***> wrote:
Thanks for the report!
This is now fixed in fM 4.5.1 <http://www.facilemanager.com/download/>
and later.
—
Reply to this email directly, view it on GitHub
<#599 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ASPKKYONMKG4FURDGYWN3K3YRGJMTAVCNFSM6AAAAABCBO4JHWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMJYGE3TEMBZGQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
WillyXJ commented
Yes, I did request CVEs for each of them. Expectations are to have assignments later this week.