Thank you 👍
Security Vulnerability Disclosure, 08 Dec 2021
All of us at NodeBB are committed to delivering fully-secure, bug-free software. At the same time, we believe in full transparency when it comes to disclosing security vulnerabilities
Today’s blog post reveals a trio of security vulnerabilities that were present in prior releases of NodeBB. We were notified of these vulnerabilities the week of 25 October 2021, and have patched and released a fixed version of NodeBB, v1.18.5, two days later, on 27 October.
Click here to see the full blog post
@julian Good to know. And kudos for the bounties as well. Let's keep the grey hats incentivized, eh?