Merge pull request #10030 from hashicorp/fix-ent-audit-log-bypass

Add synthetic enterprise entry for CVE-2021-28156
This commit is contained in:
Kent 'picat' Gruber 2021-04-14 20:08:51 -04:00 committed by GitHub
commit 7e9bcb06ca
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

3
.changelog/_795.txt Normal file
View file

@ -0,0 +1,3 @@
```release-note:security
audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log [CVE-2021-28156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28156)
```