I also support back port this fix to previous Dashboard, or provide a quick way for users to disable those 2 Unauthorized APIs
Baoyuan <baoyuan....@gmail.com>于2021年12月29日 周三下午4:35写道: > Hi Community, when APISIX Dashboard users try to fix CVE-2021-45232, they > need to upgrade Dashboard to version 2.10.1. > > Due to the Dashboard version needing to correspond to APISIX, users will > also need to consider upgrading APISIX, which may cause inconvenience to > users. > > Are we considering backporting the fixed code for this vulnerability to the > previous affected version? What do you think? > -- 来自 琚致远
