ShieldAI

Mike/ShieldAI

Fork 0

Commit Graph

Author	SHA1	Message	Date
Michael Freno	c490735ba2	FRE-4520: Fix security vulnerabilities in notification template system - Fix HTML injection vulnerability with proper entity encoding - Fix rate limit cleanup bug (count vs timestamp confusion) - Add URL validation to prevent open redirect attacks - Add expiration to in-memory deduplication entries - Use Zod schema for config validation - Add email format validation All 29 tests passing. Ready for Code Reviewer final review. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-01 19:35:22 -04:00

Author

SHA1

Message

Date

Michael Freno

c490735ba2

FRE-4520: Fix security vulnerabilities in notification template system

- Fix HTML injection vulnerability with proper entity encoding
- Fix rate limit cleanup bug (count vs timestamp confusion)
- Add URL validation to prevent open redirect attacks
- Add expiration to in-memory deduplication entries
- Use Zod schema for config validation
- Add email format validation

All 29 tests passing. Ready for Code Reviewer final review.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-05-01 19:35:22 -04:00

1 Commits