Update the default reset password link timeout to a longer value
|
|
10
|
159
|
March 25, 2024
|
Add friction in some UI for better security
|
|
5
|
70
|
February 14, 2024
|
Even remote code executions of type "Bug" instead of type "Security" on jira.xwiki.org
|
|
1
|
59
|
January 12, 2024
|
Security Policy Process Amendment
|
|
4
|
115
|
December 8, 2023
|
Access request to security group in Jira.xwiki.org
|
|
2
|
53
|
December 4, 2023
|
Jira tickets for security issues
|
|
4
|
339
|
October 10, 2023
|
Security warnings when using the latest XWiki version
|
|
9
|
324
|
September 26, 2023
|
Security Policy Amendment to analyze vulnerabilities in dependencies
|
|
2
|
144
|
July 20, 2023
|
Formalize CVSS "Privileges Required" level for XWiki advisories
|
|
6
|
288
|
May 16, 2023
|
CVSS computation best practice for XSS
|
|
4
|
277
|
May 16, 2023
|
Disclosing old fixed security issues
|
|
14
|
454
|
December 2, 2022
|
Security advisory template documented in Security policy
|
|
0
|
199
|
November 22, 2022
|
Security Policy Amendment: systematic vote for extending CVE embargo
|
|
5
|
194
|
November 4, 2022
|
Reminder about the importance of upgrading your XWiki instances
|
|
0
|
195
|
September 7, 2022
|
Add a .well-known/security.txt file in xwiki.org
|
|
6
|
302
|
April 28, 2022
|
OpenID Connect Authenticator 1.29.1 released with important security fix
|
|
1
|
307
|
January 27, 2022
|
Log4J CVE-2021-44228 "Log4Shell" Zero-Day Vulnerability
|
|
1
|
2529
|
December 13, 2021
|
LTS updates with security issues
|
|
4
|
363
|
July 30, 2021
|
Security issues disclosure for current cycle
|
|
2
|
271
|
June 30, 2021
|
SonarCloud Review
|
|
3
|
963
|
May 28, 2021
|
Get rid of @Programming annnotation
|
|
5
|
261
|
January 25, 2021
|
[CRITICAL] Authenticated server side code execution without programming rights on User Dashboards
|
|
0
|
257
|
May 16, 2020
|