eric/mailpit
1
0
Fork 0
mirror of https://github.com/axllent/mailpit.git synced 2026-06-28 15:06:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9670183d0f5343f7cf1fc5981e4df107626b0ede
mailpit/config
History
Ralph Slooten a078c318e8 Fix(Security): Prevent bypass of Contend Security Policy using stored XSS, and sanitize preview HTML data (DOMPurify) 
This closes a security hole whereby a bad actor with SMTP access can bypass the CSP headers with a series of specially crafted HTML messages. A special thanks to @bmodotdev for responsibly disclosing the vulnerability and proving information and an initial fix.
2024-07-26 22:02:14 +12:00
..
config.go
Fix(Security): Prevent bypass of Contend Security Policy using stored XSS, and sanitize preview HTML data (DOMPurify)
2024-07-26 22:02:14 +12:00
tags.go
Feature: Add option to disable auto-tagging for plus-addresses & X-Tags (#323)
2024-06-28 22:35:07 +12:00