Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(Security) Fixes #1202 bug risk of leaking the scan result files #1301

Merged
merged 2 commits into from
Jul 5, 2024

Conversation

yogeshojha
Copy link
Owner

Fixes a security issue in nginx that allowed media directives to be accessed by non auth users.

Used X-Accel-Redirect as suggested by @0xtejas . Thank you 🥳

Reported by @confd0

@yogeshojha yogeshojha linked an issue Jul 4, 2024 that may be closed by this pull request
1 task
Copy link
Contributor

github-actions bot commented Jul 4, 2024

👋 Hi @yogeshojha,
Thank you for sending this pull request.
Please make sure you have followed our contribution guidelines.
We will review this PR as soon as possible. Thank you for your patience.

web/reNgine/views.py Dismissed Show dismissed Hide dismissed
web/reNgine/views.py Dismissed Show dismissed Hide dismissed
@yogeshojha yogeshojha self-assigned this Jul 4, 2024
@yogeshojha yogeshojha merged commit ca8389b into master Jul 5, 2024
6 checks passed
@yogeshojha yogeshojha deleted the 1202-bug-risk-of-leaking-the-scan-result-files branch July 19, 2024 05:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

bug: Risk of leaking the scan result files
1 participant