Laden...
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
CiviCRM v5.28.1 CiviCRM v5.27.5 ESRBelow are the security advisories:
CIVI-SA-2020-09: Privilege Escalation via Smart Groups CIVI-SA-2020-10: Cross Site Scripting in Activity Details CIVI-SA-2020-11: CSRF on CKEditor Configuration CIVI-SA-2020-12: XSS in CKEditor Configuration CIVI-SA-2020-13: XSS in Event Summary CIVI-SA-2020-14: XSS in Profile Description CIVI-SA-2020-15: Persistant XSS in Contact Activity Tab CIVI-SA-2020-16: jQuery CVE-202-11022, CVE-2020-11023 CIVI-SA-2020-17: Harden Per-Session Private Key CIVI-SA-2020-18: HTML Injection via Error Message CIVI-SA-2020-19: Edit Permission for Recurring ContributionsA couple of other issues have been fixed in these releases. Please see the official announcement and release notes.
Upgrade now for the most stable CiviCRM experience:
To download CiviCRM 5.28.1: https://civicrm.org/download To download CiviCRM 5.27.5 ESR version: https://civicrm.org/esr
Laden...
Laden...
© 2024