I think bug in your softwere XXE

[rutviiik]

How to post a meaningful bug report

1. https://upload.alwaysdata.com/f.php?h=1O92GLH2&p=1
2. here you can see this site use your software and
3. i think i found xxe becouse i gived you one like plese cheke becouse i uploded there one svg file that have xml contend and this go excuted
4. if this is not from your side plese replay me

[alexAubin]

What the heck ?

[rutviiik]

@alexAubin i don't understand wat u means ?

[spctrlth]

I assume they found what's described in https://gitlab.com/mojo42/Jirafeau/-/merge_requests/103

As I understand, this is fixed in Jirafeau 4.4.0. There's currently an update-PR for the ynh-package https://github.com/YunoHost-Apps/jirafeau_ynh/pull/94

So once that's released, this issue may probably be closed.

@blackberry199 Thank you for notifying, but I'm afraid a language barrier caused problems here.