🚨 **安全更新：[Hollo 0.6.5](https:… — Hollo :hollo:

@hollo@hollo.social · Reply to Hollo :hollo:

🚨 安全更新：Hollo 0.6.5 发布

我们发布了 #Hollo 0.6.5，修复了 CVE-2025-53941 关键安全漏洞，解决了联邦帖子中的 HTML 注入漏洞。

请立即更新以保护您的实例免受潜在的钓鱼和 XSS 攻击。

更新方法：

Railway：转到部署 → 点击三个点 → Redeploy
Docker：docker pull ghcr.io/fedify-dev/hollo:latest 然后重启
手动：git pull origin stable && pnpm install 然后重启服务器

#安全 #更新

github.com

Posts received with form elements are rendered allow submission

### Summary When an incoming post has form elements included, the elements are rendered and are submittable. Other platforms normally remove such elements before rendering. Please note that I a...