From: VirtualTam <virtualtam+github@flibidi.net>
Date: Wed, 25 Oct 2017 20:49:22 +0000 (+0200)
Subject: Merge pull request #1005 from virtualtam/refactor/authentication
X-Git-Tag: v0.9.4~37
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=88d38cb290aad669ad1406e2362d85c81e46d4f6;hp=ae7c954b1279981cc23c9f67d88f55bfecc4d828;p=github%2Fshaarli%2FShaarli.git

Merge pull request #1005 from virtualtam/refactor/authentication

Refactor session management utilities
---

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 120c5d22..33feac20 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -40,7 +40,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Security
 
-- Vulnerability introduced in v0.9.1 fixed.
+- Fixed reflected XSS vulnerability introduced in v0.9.1, discovered by @chb9 ([CVE-2017-15215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15215)).
 
 ## [v0.9.1](https://github.com/shaarli/Shaarli/releases/tag/v0.9.1) - 2017-08-23