Security

SECURITY.md

Security Policy

For major security issues, at least the current release series and the last major series will receive patches and new versions.

Security related announcements will be posted as security advisories.

If you have found a security related bug, please contact info(at)codevise.de instead of creating a publicly visible issue.

Insecure direct object reference in membership update endpoint
GHSA-qcqv-38jg-2r43 published Sep 14, 2022 by tf

High
Sensitive user data extraction via Ransack query injection
GHSA-wrrw-crp8-979q published Sep 14, 2022 by tf

High

Learn more about advisories related to codevise/pageflow in the GitHub Advisory Database