[1.10.0]
Update rss-bridge to 2025-01-02 Full Changelog fix: convert php errors to exceptions when in debug mode by @โdvikan in https://github.com/RSS-Bridge/rss-bridge/pull/4176 Bump min php version from 7.4 to 8.0. Introduce a new document root with separate data folder (e.g. /var/www/rss-bridge/public and /var/www/rss-bridge/var/) rss-bridge is trivially vulnerable to XSS in the HtmlFormat page since we dont sanitize the html(mostly harmless since theres not much to exploit). Feed readers do sanitize html so no problem there. rss-bridge is trivially vulnerable to SSRF (mostly harmless? hard to exfiltrate data) Also we actually want to allow to fetch resources from non-public IP addresses, so maybe introduce a config for this allowanceRSS-Bridge
9
Topics
53
Posts
-
RSS-Bridge - Package Updates
Pinned -
-
-
-
-
Changing admin password
Moved -
-
-