Headline
CVE-2022-29784: 安全漏洞修复 感谢 姜洋-长亭科技 · sanluan/PublicCMS@d8d7626
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.
BIN +492 KB (130%) doc/PublicCMS V4.0 二次开发手册_中文.doc
@@ -23,7 +23,7 @@ subprojects {
apply plugin: “eclipse-wtp”
group = ‘com.publiccms’
version = ‘V4.0.202204.a’
version = ‘V4.0.202204.b’
test.enabled = false
@@ -22,7 +22,7 @@
<maven.compiler.source>${java.version}</maven.compiler.source>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.encoding>UTF-8</maven.compiler.encoding>
<version.publiccms>V4.0.202204.a</version.publiccms>
<version.publiccms>V4.0.202204.b</version.publiccms>
<!-- http://mvnrepository.com/artifact/org.springframework/spring-core -->
<!-- https://spring.io/projects/spring-framework -->
<version.spring>5.3.19</version.spring>
@@ -28,7 +28,7 @@ public static final String getVersion() {
* @return revision
*/
public static final String getRevision() {
return "a";
return "b";
}
/**
@@ -50,6 +50,11 @@ public void execute(RenderHandler handler) throws IOException, Exception {
}
}
@Override
public boolean needAppToken() {
return true;
}
@Autowired
private SysConfigDataService service;
@@ -45,6 +45,11 @@ public void execute(RenderHandler handler) throws IOException, Exception {
}
}
@Override
public boolean needAppToken() {
return true;
}
@Autowired
private SysDatasourceService service;
0 comments on commit d8d7626
Please sign in to comment.