GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Jos Poortvliet (jospoortvliet@fosstodon.org)'s status on Saturday, 08-Mar-2025 12:31:05 JST Jos Poortvliet Jos Poortvliet
    • Frank Karlitschek
    • bert hubert 🇺🇦🇪🇺🇺🇦

    @bert_hubert @niels @Karlitschek I don't know what this is, but if it is/was decided at company level to send info on user profiles to us, I'm pretty sure I'd know about it. And I don't. Nor did we change our ToS because we don't have one 🤔

    Buuuut bugs exist. And there are 300 apps in our app store that we can't all check line by line. So I assume this could be a security issue. Please, @niels could you report this with the logs to our security team? Use hackerone.com/nextcloud

    In conversation about 5 months ago from fosstodon.org permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: profile-photos.hackerone-user-content.com
      Nextcloud - Bug Bounty Program | HackerOne
      The Nextcloud Bug Bounty Program enlists the help of the hacker community at HackerOne to make Nextcloud more secure. HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited.
    • Embed this notice
      Tobias Fiebig (tfiebig@wybt.net)'s status on Saturday, 08-Mar-2025 12:31:40 JST Tobias Fiebig Tobias Fiebig
      in reply to
      • Frank Karlitschek
      • bert hubert 🇺🇦🇪🇺🇺🇦

      @jospoortvliet @bert_hubert @niels @Karlitschek Current suspect: Notifications app ; it just got a push feature. And er... this sadly makes sense for that.

      In conversation about 5 months ago permalink
    • Embed this notice
      Tobias Fiebig (tfiebig@wybt.net)'s status on Saturday, 08-Mar-2025 12:31:41 JST Tobias Fiebig Tobias Fiebig
      in reply to
      • Frank Karlitschek
      • bert hubert 🇺🇦🇪🇺🇺🇦

      @jospoortvliet @bert_hubert @niels @Karlitschek See my post above; This seems to be something regular, constraint to specific time windows. Not relaly the maintenance window, though (at least not aligning with mine.)

      In conversation about 5 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.