issues Search Results · language:Dune language:TypeScript language:JavaScript language:HTML language:JavaScript
41.3M results
Image upload endpoint validates client-supplied MIME type only, not actual file content.
Problem: Accepts type=image/jpeg header regardless of actual file content Attack: Upload PHP shell disguised as ...
Summary
Two separate bugs affecting cron job reliability on OpenClaw 2026.6.1:
Bug 1: claude-haiku-4.5 tool schema rejection
400 tools.0.custom.eager_input_streaming: Extra inputs are not permitted ...
Form submissions (contact, portfolio updates) don't validate CSRF tokens, allowing cross-site request forgery.
Problem: No CSRF tokens checked on POST /contact or POST /upload endpoints Attack: Attacker ...
Portfolio item descriptions are rendered directly in HTML without sanitization, allowing JavaScript injection.
Problem: Description field accepts `<script>alert('XSS')</script>` and executes in browser ...
Background
In the `lesson_sessions`-related methods in services/api/src/datasource/firestore.ts, the undefined → null conversion logic used when writing to Firestore is duplicated in 3 places.
```typescript const sanitized = Object.fromEntries( Object.entries(data).map(([k, ...
enhancement
P2
Problem
The codebase enforces @typescript-eslint/consistent-type-imports globally — it is configured in the "Custom rules for all
files" block of eslint.config.js ({ prefer: 'type-imports', fixStyle: 'inline-type-imports' ...
automate
priority/medium
scope/infra
status/done
type/chore
Description: Creating an editorial edition currently requires running raw SQL in Supabase Console — inserting into
editions, edition_places, uploading photos to Storage, and copying URLs manually. This ...
Contact Section: Content Vertically Pinned Too Low
After reducing from 4 bullets to 3 (#28 via PR #31), the Contact section content appears pinned to the bottom of the
viewport.
Root Cause
The Contact ...
