gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 15:14:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

more detailed description of fixed CVE in 5.1.11

Browse Source
This commit is contained in:
Uwe Steinmann 2019-06-20 08:26:37 +02:00
parent cf3d276913
commit 94ec9f5962
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CHANGELOG
View File

@ -1,10 +1,12 @@
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.11 Changes in version 5.1.11
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
- fix for CVE-2019-12744, add .htaccess file to data directory, better - fix for CVE-2019-12744 (Remote Command Execution through unvalidated
documentation for installing seeddms file upload), add .htaccess file to data directory, better documentation
- fix for CVE-2019-12745 and CVE-2019-12801, propperly escape strings used for installing seeddms
in Select2 js library used by UsrMgr and GroupMgr - fix for CVE-2019-12745 (Persistent or Stored XSS in UsrMgr) and
CVE-2019-12801 (Persistent or Stored XSS in GroupMgr), propperly escape
strings used in Select2 js library used by UsrMgr and GroupMgr
- do not show attributes in search results in extra column anymore - do not show attributes in search results in extra column anymore
- fix setting language during login (Closes #437) - fix setting language during login (Closes #437)
- fix indexing documents even if no preIndexDocument hook is set (Closes #437) - fix indexing documents even if no preIndexDocument hook is set (Closes #437)