Skip to content

Add parse-server batch routeAllowList fix commit reference#8252

Open
cookesan wants to merge 1 commit into
github:cookesan/advisory-improvement-8252from
cookesan:parse-server-p84r-fix-reference
Open

Add parse-server batch routeAllowList fix commit reference#8252
cookesan wants to merge 1 commit into
github:cookesan/advisory-improvement-8252from
cookesan:parse-server-p84r-fix-reference

Conversation

@cookesan

Copy link
Copy Markdown

Adds the upstream merge commit for parse-community/parse-server#10482 to GHSA-p84r-h6rx-f2xr.

Evidence checked:

  • PR #10482 addresses the routeAllowList batch sub-request bypass.
  • Commit 552c6dd extracts shared routeAllowList matching and re-enforces it for each batch sub-request.
  • Release 9.9.1-alpha.3 names GHSA-p84r-h6rx-f2xr, PR #10482, and commit 552c6dd.
  • The 9.9.1-alpha.2...9.9.1-alpha.3 compare contains the merge commit.
  • The npm parse-server 9.9.1-alpha.3 package points at the release commit and contains the fixed built files.
@github-actions github-actions Bot changed the base branch from main to cookesan/advisory-improvement-8252 June 29, 2026 07:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant