Joseph Milazzo 9c31f7e7c8 v0.5.4.1 - Security Hotfix (#1414) ... * Updated our security file with our Huntr. * Fixed a security vulnerability where through the API, an unauthorized user could delete/modify reading lists that did not belong to them. Fixed a bug where when creating a reading list with the name of another users, the API would throw an exception (but reading list would still get created) * Fixed a security vulnerability where through the API, an unauthorized user could delete/modify reading lists that did not belong to them. Fixed a bug where when creating a reading list with the name of another users, the API would throw an exception (but reading list would still get created) * Ensure all reading list apis are authorized * Ensured all APIs require authentication, except those that explicitly don't. All APIs are default requiring Authentication. Fixed a security vulnerability which would allow a user to take over an admin account. * Fixed a bug where cover-upload would accept filenames that were not expected. * Explicitly check that a user has access to the pdf file before we serve it back. * Enabled lock out when invalid user auth occurs. After 5 invalid auths, the user account will be locked out for 10 mins. * Version bump for hotfix release		2022-08-08 13:22:38 -07:00
..
EnvironmentInfo	Fixed an issue where docker users were not properly backing up the database. Removed an empty File for when covers/ had nothing in it. (#692)	2021-10-19 08:35:52 -07:00
Extensions	The big one (#396)	2021-07-17 14:03:11 -05:00
Helpers	Private Email Service Support (#1028)	2022-02-04 09:54:54 -08:00
Configuration.cs	Account Email Support (#1000)	2022-01-30 14:45:57 -08:00
HashUtil.cs	OPDS Cleanup (#534)	2021-08-28 15:32:24 -07:00
Kavita.Common.csproj	v0.5.4.1 - Security Hotfix (#1414)	2022-08-08 13:22:38 -07:00
KavitaException.cs	Bugfix/release cleanup (#512)	2021-08-21 10:03:47 -07:00