flo-schu / diverssite


Add CodeQL as Code Analysis Tool #61

Closed hf-kklein closed 1 year ago

hf-kklein commented 2 years ago

CodeQL checks the code for vulnerabilities. For details, see https://codeql.github.com/

flo-schu commented 1 year ago

The severe vulnerabilities all come from static code (copied bootstrap library). This can be resolved by using an up-to-date version included in the link section of the page head.

Smaller vulnerabilities are inside the code and should be easily fixed.

flo-schu commented 1 year ago

Input of the passphrase for registration is processed as raw text (change to password field). This will be tackled in #71.

Other critical vulnerabilities probably come from old versions of the admin and markdownx packages. An issue has been created to address this in the future: #80.