Unverified Commit af26d26f authored by Markus Kirsch's avatar Markus Kirsch Committed by gitbook-bot
Browse files

GitBook: [master] 2 pages modified

parent b9277da9
......@@ -79,7 +79,7 @@ await APIClient.v1.post('users.2fa.sendEmailCode', undefined, {emailOrUsername:
## Handling password fallback
If an api request returns TOTP Required with a method *password*, then the API user's password is required to authenticate the request:
If an api request returns TOTP Required with a method _password_, then the API user's password is required to authenticate the request:
```javascript
// Error example
......@@ -141,3 +141,4 @@ It's possible to disabled the email check by calling the endpoint `users.2fa.dis
```javascript
await APIClient.v1.post('users.2fa.disable-email');
```
......@@ -10,22 +10,30 @@ Please make sure to follow new version updates by subscribing to our newsletters
**Issues**
\*\*\*\*
{% hint style="danger" %}
**2020-0004 - High Severity issue** fixed at **2020-10-01**
Rocket.Chat Desktop Client - affects **2.x**, ****fixed on **3.0**
_details will be added with next release_
{% endhint %}
{% hint style="danger" %}
**RC-2020-0003 - High Severity issue** fixed at **2020-08-29**
Rocket.Chat Server - affects **3.4.x**, ****fixed on **3.6**
_Details will be added with the next release_
**\(RCE\)** Fixed an issue where discussion messages could be used to insert and execute code.
{% endhint %}
{% hint style="info" %}
**RC-2020-0002 - Low Severity issue** fixed at **2020-08-29**
Rocket.Chat Server - affects **3.x**, ****fixed on **3.6**
_Details will be added with the next release_
Added a missing X-Frame Options Header in the admin
{% endhint %}
{% hint style="danger" %}
**RC-2020-0001 - High Severity issue** fixed at **2020-07-25**
Rocket.Chat Server - affects **3.4.x**, ****fixed on **3.5** and **3.4.2**
**\(RCE\)** Fixed an issue where thread starting messages could be used to insert and execute code. Thanks to Pawel Wylecial of [REDTEAM.PL](http://redteam.pl/)
**\(RCE\)** Fixed an issue where thread starting messages could be used to insert and execute code. Thanks to Pawel Wylecial of [REDTEAM](http://redteam.pl/)_.PL_
{% endhint %}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment