dataease

mirror of https://github.com/dataease/dataease.git synced 2026-06-16 20:42:07 +08:00

Author	SHA1	Message	Date
fit2cloud-chenyw	2e67974fba	fix(X-Pack): 第三方平台二维码无法加载	2026-06-16 17:47:29 +08:00
fit2cloud-chenyw	356e83b518	fix(X-Pack): 定时报告-导出 Excel安全漏洞增强	2026-06-16 17:11:30 +08:00
dataeaseShu	e5ca07683d	fix: 样式优化	2026-06-16 16:42:05 +08:00
tjlygdx	cab38e3f0b	fix: 代码重复错误	2026-06-16 15:58:41 +08:00
tjlygdx	6bb3dd998b	fix: 【漏洞】路径操纵、敏感信息泄露	2026-06-16 15:58:41 +08:00
fit2cloud-chenyw	9b1438a725	fix(X-Pack): 定时报告-导出 Excel安全漏洞	2026-06-16 15:36:13 +08:00
tjlygdx	c221265724	fix: 【漏洞】路径操纵、敏感信息泄露	2026-06-16 15:21:58 +08:00
tjlygdx	e20e13991b	fix: 【漏洞】升级依赖	2026-06-16 14:59:30 +08:00
tjlygdx	321af72442	fix: 【漏洞】数据源元数据 SQL 拼接 schema/table 标识符	2026-06-16 14:59:30 +08:00
tjlygdx	8bd6bdcca4	fix: 【漏洞】修复拒绝服务(正则表达式问题)	2026-06-16 14:45:18 +08:00
wangjiahao	9c8584e28b	fix: 修复 DataVisualizationServer ReDoS 漏洞，replaceAll 改为 replace	2026-06-16 14:24:48 +08:00
dataeaseShu	4474e791cb	fix: 漏洞修复	2026-06-16 14:12:34 +08:00
jianneng-fit2cloud	1b454b1545	fix(图表): 修复地图图例数输入框鼠标移开后不恢复数值的问题	2026-06-16 14:03:27 +08:00
wangjiahao	f9bd7e6e47	Merge remote-tracking branch 'origin/dev-v2' into dev-v2	2026-06-16 13:44:41 +08:00
fit2cloud-chenyw	e160b6c42e	fix: 修复 20260616083022相关安全漏洞	2026-06-16 11:54:08 +08:00
wangjiahao	c1b44af264	fix: 修复 StaticResourceServer 路径操纵漏洞 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-06-16 11:24:38 +08:00
fit2cloud-chenyw	436a90307a	perf(X-Pack): Webhook 设置表单回显错误	2026-06-16 11:08:27 +08:00
jianneng-fit2cloud	ea0f6d6b95	fix(图表): 修复数值格式化遇到科学计数法时，数值无法完成格式化显示空的问题	2026-06-16 10:43:09 +08:00
fit2cloud-chenyw	b666924fb6	feat(X-Pack): Webhook 支持自定义 body参数 #18445	2026-06-15 18:23:04 +08:00
fit2cloud-chenyw	576d5eaa9a	perf(数据源): 数据源树展示完整路径	2026-06-15 14:49:42 +08:00
fit2cloud-chenyw	9d23f958b9	feat(X-Pack): 业务资源树展示完整路径，避免断层	2026-06-15 14:15:15 +08:00
wangjiahao	41b7be007d	fix: 修复 ExcelWatermarkUtils 资源注入漏洞对字体大小进行服务端校验，确保图像宽高在创建 BufferedImage 之前完成边界限制，防止通过恶意请求头触发巨幅内存分配。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-06-12 15:54:19 +08:00
junjun	bc7d2ca7b9	fix: 【漏洞】CalciteProvider.java SQL注入漏洞	2026-06-11 18:01:44 +08:00
tjlygdx	30b3c43175	fix: 修复漏洞，升级依赖版本	2026-06-11 16:57:20 +08:00
wangjiahao	68de64df26	fix: 变更资源访问安全策略	2026-06-11 16:20:02 +08:00
王嘉豪	4463e21cb7	fix: 增加防sql注入逻辑 (#18564 )	2026-06-11 11:52:44 +08:00
wangjiahao	f6f704813b	fix: 增加 `Content-Security-Policy` 等安全标识	2026-06-11 11:35:46 +08:00
wangjiahao	adab5f1e89	fix: 修复v-html 引起的xss漏洞	2026-06-11 11:27:48 +08:00
dataeaseShu	69b89d0b53	fix: 样式优化	2026-06-11 10:40:50 +08:00
dataeaseShu	9565812980	fix: 删除无效文件	2026-06-11 10:40:50 +08:00
wisonic	182ca05bfc	fix(图表): 修复图表插件拖拽添加异常	2026-06-10 18:40:30 +08:00
tjlygdx	df7069c903	fix: 系统变量 SQL 替换未参数化	2026-06-10 17:36:03 +08:00
wangjiahao	8a6d56d0a5	Merge remote-tracking branch 'origin/dev-v2' into dev-v2	2026-06-10 16:42:55 +08:00
wangjiahao	f3b2fba461	refactor(图表): 图表下钻的维度支持跳转	2026-06-10 16:42:24 +08:00
dataeaseShu	be4b4ce752	fix: 样式优化	2026-06-10 16:42:23 +08:00
tjlygdx	b38009fa37	fix: 系统变量 SQL 替换未参数化	2026-06-10 16:33:53 +08:00
tjlygdx	4530dfbf53	fix: 【漏洞】修复ExcelUtils.java漏洞	2026-06-10 16:33:53 +08:00
tjlygdx	466d7a5f2c	fix: 【漏洞】修复HttpClientUtil.java的漏洞	2026-06-10 16:33:53 +08:00
tjlygdx	227b77b327	fix: 【漏洞】/symmetricKey 白名单公开返回对称密钥	2026-06-10 16:33:53 +08:00
tjlygdx	a78d7c31ca	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	20e58f7ff6	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	affd62cec5	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	6883283882	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	3f614e2cfc	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	33d91a42ce	fix: 任意文件上传/写	2026-06-10 16:33:53 +08:00
tjlygdx	ed5ee3137f	fix: 路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	57e90bdcc2	fix: 任意文件删除	2026-06-10 16:33:53 +08:00
tjlygdx	45c984fc9e	fix: 任意文件删除	2026-06-10 16:33:53 +08:00
tjlygdx	59cb3c0b07	fix: 修复路径穿越	2026-06-10 16:33:53 +08:00
tjlygdx	265b31179f	fix: 修复路径篡改（ZIP）	2026-06-10 16:33:53 +08:00

1 2 3 4 5 ...

20885 Commits