opensourcepos/app at 37c6e22fc460c9876dce5b7c056e25cf59419d2c - opensourcepos - Gitea: Git with a cup of tea

mirror/opensourcepos

mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-03-29 04:11:37 -04:00

Files

History

jekkos 3c7ece5c33 Fix permission bypass in Sales.getManage() access control (#4428 )

The redirect() in getManage() returned a RedirectResponse that was never
executed, allowing unauthorized access to reports_sales. Updated method
signature to return ResponseInterface|string and properly return the
redirect response.

Refs: GHSA-94jm-c32g-48r5

Co-authored-by: Ollama <ollama@steganos.dev>

2026-03-13 17:52:07 +00:00

..

Refactor: Move ADMIN_MODULES to constants, rename methods to camelCase

2026-03-06 17:25:25 +01:00

Fix permission bypass in Sales.getManage() access control (#4428 )

2026-03-13 17:52:07 +00:00

Add migration to fix existing image filenames with spaces (#4372 )

2026-03-06 17:09:52 +01:00

Improve code style and PSR-12 compliance (#4204 )

2025-05-02 19:37:06 +02:00

Upgrade to CodeIgniter 4.1.3

2024-06-15 17:19:15 +02:00

Add filter persistence for table views via URL query string (#4400 )

2026-03-11 20:11:00 +01:00

Sync language files (#3468 )

2026-03-09 07:45:19 +01:00

fix(security): whitelist and validate invoice template types (#4393 )

2026-03-06 13:18:47 +01:00

Fix mass assignment vulnerability in bulk edit (GHSA-49mq-h2g4-grr9)

2026-03-08 22:49:12 +01:00

Improve code style and PSR-12 compliance (#4204 )

2025-05-02 19:37:06 +02:00

Fix XSS vulnerability in tax invoice view (#4432 )

2026-03-13 16:09:04 +00:00

.htaccess

Improve code style and PSR-12 compliance (#4204 )

2025-05-02 19:37:06 +02:00

Common.php

Upgrade CI to 4.4.3

2024-06-15 17:19:15 +02:00

index.html

Corrected link in README.md

2024-06-15 17:19:15 +02:00