:alien: OneBlog, a clean and attractive, powerful, and responsive Java blog

Results 12 OneBlog issues

Docker started successfully, but the browser cannot reach 127.0.0.1:8085 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES af7da343fe35 nginx "/docker-entrypoint.…" 12 minutes ago Up 12 minutes 0.0.0.0:8080->80/tcp, :::8080->80/tcp nginx 3804c9599f78 justauth/blog-web "java -jar app.jar -…"...

[Suggested description] Insecure Permissions vulnerability exists in OneBlog. Low-level administrators can delete high-level administrators beyond their authority (including administrators with the highest authority). [Vulnerability Type] Insecure Permissions [Vendor of Product]...

Cross Site Scripting (XSS) vulnerability exists in OneBlog-

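Hello, this project may be at risk of FreeMarker template injection leading to remote command execution. The project's admin backend has a template management feature, and templates can be modified arbitrarily. ![image](https://user-images.githubusercontent.com/63966847/140755525-42b125cc-e0a0-454b-a0cf-8fa85baaedde.png) ![image](https://user-images.githubusercontent.com/63966847/140755547-c2ce9165-c32a-40b1-b18e-9fa223c29099.png) The template data in the database was modified successfully. Afterwards, visiting url/sitemap.xml on the front end successfully triggered command execution. ![image](https://user-images.githubusercontent.com/63966847/140755602-86f8db0c-ed8f-474b-a07b-ccbfb245a99e.png) Solution: it is recommended to add filtering in the module where modifications are made. ![image](https://user-images.githubusercontent.com/63966847/140755681-4ed41550-32c9-42a7-a7cb-3c1639d1be9e.png)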

2019-10-29 22:06:45 [org.apache.juli.logging.DirectJDKLog:182] ERROR - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool] with root cause java.net.ConnectException: Connection...

Where is FreeMarker used? Is there any approach for making the whole site static HTML? Thanks for your help.

Bumps [hutool-core](https://github.com/dromara/hutool) from 5.5.7 to 5.8.19. Release notes Sourced from hutool-core's releases. 5.8.19 (2023-05-27) 🐣 New features [db] Improve the content printed by HttpRequest.toString() (issue#3072@Github) [poi] When reading in Sax mode, blank lines returned 0; changed to return -1 (issue#I6WYF6@Gitee) [db] Improve count query compatibility with Informix (issue#I713XQ@Gitee) [core] Remove the GPL license header from Opt (pr#995@Gitee) [core] Email validation adds support for Chinese (pr#997@Gitee) [core...

dependencies

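At the same time, this ensures the main thread does not need to wait for child threads to finish, so the response speed of the web page is not affected.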

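Previously, when loading the home page, fetching the article list would loop over every article to count its likes, views, and comments, which was very costly for performance; this has been optimized into a batch query.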

This PR addresses a critical security vulnerability in the updatePwd method where new passwords were being stored in plaintext rather than being properly encrypted before storage. References https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/7d4dab60352079953b7be120afe9bd14983ae3bc https://nvd.nist.gov/vuln/detail/CVE-2023-3423