discourse

mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-07 17:25:47 +08:00

History

OsamaSayegh bc19934384 SECURITY: Add post visibility check to poll voters endpoint The `/polls/voters.json` endpoint was missing authorization checks to verify if users could access the post containing the poll. This allowed unauthorized users (including anonymous users) to retrieve voter data from polls in posts they don't have access to.	2026-02-26 12:22:54 +00:00
..
discourse_poll	SECURITY: Add post visibility check to poll voters endpoint	2026-02-26 12:22:54 +00:00

OsamaSayegh bc19934384 SECURITY: Add post visibility check to poll voters endpoint

The `/polls/voters.json` endpoint was missing authorization checks to
verify if users could access the post containing the poll. This allowed
unauthorized users (including anonymous users) to retrieve voter data
from polls in posts they don't have access to.

2026-02-26 12:22:54 +00:00

..

discourse_poll

SECURITY: Add post visibility check to poll voters endpoint

2026-02-26 12:22:54 +00:00

专为开源 Web 生态打造的企业级代码托管平台，深度支持 WordPress、Laravel、Vue.js、React 等主流技术栈，致力于推动中国开放网络 OpenWeb 发展，助力本土开源项目建设。

基于构建 | 专业 • 开放 • 安全