QuantumGhost 874406d934 security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518) ... The `ChatMessageApi` (`POST /console/api/apps/{app_id}/chat-messages`) and `ModelConfigResource` (`POST /console/api/apps/{app_id}/model-config`) endpoints do not properly validate user permissions, allowing users without `editor` permission to access restricted functionality. This PR addresses this issue by adding proper permission check.		2025-09-11 14:53:35 +08:00
..
app	security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518)	2025-09-11 14:53:35 +08:00
__init__.py	feat: Persist Variables for Enhanced Debugging Workflow (#20699)	2025-06-24 09:05:29 +08:00