Skip to content

Commit e415d93

Browse files
ildyriaildyria
committed
fix
1 parent cdbd5a5 commit e415d93

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

docs/releases.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ Released on Mar 23rd, 2026
3636

3737
#### Fix XSS in RSS feed
3838

39-
Another day, another patch. A bit depressing... but so is the life of a maintainer. This patch fixes a potential XSS vulnerability in the RSS feed. The issue was that the description of the photos were not properly escaped, allowing for potential XSS attacks if they contained malicious code.
39+
Another day, another patch. A bit depressing... but so is the life of a maintainer. This patch fixes a potential XSS vulnerability in the RSS feed. The issue was that the description of the photos was not properly escaped, allowing for potential XSS attacks if they contained malicious code.
4040

4141
* `fix` #4218 : Fix XSS in /feed by @ildyria.
4242
* `new` #4217 : Added and improved German translations by @hyazinthh.

src/pages/roadmap.astro

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,9 +8,9 @@ const metadata = {
88
99
// Release data extracted from releases.md
1010
const releases = [
11-
{ version: 'v7.5.3', date: 'Mar 23, 2026', title: 'Hotfix', type: 'bugfix', highlights: ['Fix XSS in RSS feed'] },
11+
{ version: 'v7.5.3', date: 'Mar 23, 2026', title: 'Hotfix', type: 'security', highlights: ['Fix XSS in RSS feed'] },
1212
{ version: 'v7.5.2', date: 'Mar 22, 2026', title: 'Camera support & hotfix', type: 'minor', highlights: ['Upload from camera support from Frontend', 'Fix SSRF on name resolution to reserved ip space'] },
13-
{ version: 'v7.5.1', date: 'Mar 21, 2026', title: 'Hotfix', type: 'bugfix', highlights: ['Fix SSRF on localhost aliases', 'Support PHP wihout LDAP extension'] },
13+
{ version: 'v7.5.1', date: 'Mar 21, 2026', title: 'Hotfix', type: 'security', highlights: ['Fix SSRF on localhost aliases', 'Support PHP wihout LDAP extension'] },
1414
{ version: 'v7.5.0', date: 'Mar 16, 2026', title: 'Search revamped', type: 'major', highlights: ['New search UI & UX', 'Tag filters in albums'] },
1515
{ version: 'v7.4.2', date: 'Mar 12, 2026', title: 'Fixes', type: 'bugfix', highlights: ['Fixes to the CSP policy'] },
1616
{ version: 'v7.4.1', date: 'Mar 8, 2026', title: 'Fixes and minor improvements', type: 'bugfix', highlights: ['Fixed potential crash related to missing configurations', 'Added error message for missing ldap extension', 'Allow passing individual file paths to lychee:sync command'] },

0 commit comments

Comments
 (0)