Issues
is:issue state:open
#267 Fix session variable inconsistency in verify_user.py
Labels: bug (Something isn't working). Status: Open. In DogukanUrker/FlaskBlog.

#265 CWE-204: Observable response discrepancy (user enumeration)
Labels: security (Security-related issues). Status: Open. In DogukanUrker/FlaskBlog.

#264 CWE-307: Weak password reset (4-digit code, no rate limiting)
Labels: security (Security-related issues). Status: Open. In DogukanUrker/FlaskBlog.

#261 Use session.get("language", "en") for safer language access
Labels: enhancement (New feature or request). Status: Open. In DogukanUrker/FlaskBlog.

#260 Prevent deletion of the last admin account
Labels: security (Security-related issues). Status: Open. In DogukanUrker/FlaskBlog.

#259 CRITICAL: Add authorization checks to delete_user() function
Labels: security (Security-related issues). Status: Open. In DogukanUrker/FlaskBlog.

#254 [Security] IDOR: Any Authenticated User Can Delete Any Post or Comment
Labels: bug (Something isn't working), high-priority (High priority items), security (Security-related issues). Status: Open. In DogukanUrker/FlaskBlog.

#250 Base 64 image support for markdown renderer
Labels: enhancement (New feature or request), needs-clarification (Needs more information). Status: Open. In DogukanUrker/FlaskBlog.

#235 update demo video/screenshots after v3 release
Labels: documentation (Improvements or additions to documentation), maintenance (Maintenance tasks). Status: Open. In DogukanUrker/FlaskBlog.

#228 deploy the project
Labels: deployment (Deployment-related), enhancement (New feature or request). Status: Open. In DogukanUrker/FlaskBlog.

epic: Security fixes
Labels: epic (Epic tracking issue), security (Security-related issues). Status: Open.