- Introduced ManageSlideSidebarComponent for displaying slide thumbnails with click functionality to navigate to the current page.
- Refactored ManagerSettingsComponent to improve layout and organization, including:
- Consolidated toggle options into a reusable toggle_row component for better maintainability.
- Enhanced the presentation and attendees settings sections with clearer labels and improved styling.
- Removed redundant code and improved readability.
* Fix critical security vulnerabilities
Address 5 critical findings from security audit:
- Sanitize custom embed HTML to prevent stored XSS (strip all non-iframe content)
- Escape URLs in format_body/1 to prevent reflected XSS via post messages
- Add authorization check to form export endpoint (IDOR fix)
- Replace String.to_atom/1 on user input with explicit whitelists (8 locations)
- Add IP-based rate limiting on authentication endpoints via Hammer
* Start rate limiter before endpoint in supervision tree
* Update CHANGELOG