hf-kklein closed 1 year ago
The severe vulnerabilities all come from static code (copied bootstrap library). This can be resolved by using an up-to-date version included in the link section of the page head.
Smaller vulnerabilities are inside the code and should be easily fixed.
Input of the passphrase for registration is processed as raw text (change to password field). This will be tackled in #71.
Other critical vulnerabilities come from probably old versions of admin and markdownx packages. An issue has been created to address this in the future: #80.
CodeQL checks the code for vulnerabilities. For details see https://codeql.github.com/