andreapollastri / cipi

Install and manage your server like a pro! With Cipi you don’t need to be a Sys Admin to deploy and manage websites and PHP applications powered by cloud VPS.
https://cipi.sh

Is Cipi secure from exploits? #412

Closed hobhobuk closed 2 years ago

hobhobuk commented 2 years ago

Hey,

Cipi sounds really great and sounds ideal for my needs. However, I was googling for some opinions etc., as you do, and stumbled across this:

https://packetstormsecurity.com/files/166161/cipicp3115-xss.txt

Is this something that should be of concern?

donniewr commented 2 years ago

@andreapollastri should check this out ASAP.

andreapollastri commented 2 years ago

Hi! Cipi currently is secure, XSS is impossible on it, but Version 4 auth will be based on Laravel Sanctum https://laravel.com/docs/9.x/sanctum so anything will change very soon!