Wiki
outline/outline
The fastest knowledge base for growing teams. Beautiful, realtime collaborative, feature packed, and markdown compatible.
#react#wiki#nodejs#mobx#slack#javascript#docker
スコア
75
/ 100
Star
38,504
Fork
3,294
Open Issue
40
サイズ
310MB
言語
TypeScript ★
最終push
0 日前
Docker
🐳 両方 ★
採点内訳
過去CVE 13件 (やや多い)
✓直近 push: 0 日前
✓得意言語 (TypeScript)
✓オープンissue 40件
—大規模 (310MB)
—Docker 対応 (Dockerfile + compose)
✓10k–50k: 中級 (★38,504)
—※ 各項目の重みは「採点ルール」を参照。合計は 0 で底打ち。
過去の SecurityAdvisory (20 件)
- Slack OAuth state can link a victim Outline account to an attacker Slack identity
- IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7)
- OAuth Scope Validation Logic Error Allows Privilege Escalation to Wildcard API Access
- Zip Extraction Path Escape via PATH_MAX Truncation in Collection Import
- Unauthorized Document Publication via Mixed collectionId+documentId Share
- Stored XSS via Comment Mentions
- Attachment Preset Size-Limit Bypass and Storage Accounting Corruption in Local-Storage Mode
- Insufficient JWT Verification in Rate Limiter Middleware Enables Denial of Service
- IDOR in document share creation allows unauthorized access to private documents across workspaces
- Rate limit bypass allows brute force of email login OTP
- IDOR allows unauthorized viewing and seizing of private deleted drafts
- Information Disclosure in Activity Logs allows User Enumeration of Private Drafts
- Arbitrary File Read via Path Traversal in JSON Import
- Event Access Insecure Direct Object Reference (IDOR)
- Privilege escalation vulnerability via document sharing functionality
- Suspended user authentication bypass via WebSocket connections
- Cross-site request forgery via sibling domains
- Blind server-side request forgery
- Local File Storage Leading to CSP bypass
- Stored XSS vulnerability in Outline editor