Page tree

    This section lists bugs that are resolved in this release.

    Referenced PR ID

    Description

    INST-7486Security: Microsoft ASP.NET MS-DOS Device Name
    INST-8488Security: User activity auditing capability
    INST-10841Compare view displays revisions incorrectly in full screen mode
    INST-12117Security: Session Token in URL
    INST-12118Security: Session cookie set with the Secure flag
    INST-12907Preview - Approve All button is greyed out when redeeming Secure Link for selected pages
    INST-13211Failed uploads missing in job history
    INST-13223Security: reCAPTCHA implementation
    INST-13258Managed Services: Set Application Pools to AlwaysRunning
    INST-13400Security: Adding users through spreadsheet allows them login without password change
    INST-13523Security: Path-relative stylesheet import (PRSSI) vulnerability
    INST-13534Security: HTML5 Local storage enabled
    INST-13578Pressproof - improved memory performance
    INST-13590PressProof - Surface renders when not supposed to, but doesn't rewrite surface PNG file
    INST-13608Security: CSP: Wildcard Directive, CSP: style-src unsafe-inline, and Absence of Anti-CSRF Tokens issues
    INST-13617Security: Zero day log4j vulnerability
    INST-13621RBA: Create User action completes but not creating a user
    INST-13637Security: HTTP header information
    INST-13638Security: Confirmation email not sent on user password change
    INST-13639Security: Sensitive data cached
    INST-13640Security: Cookie missing HTTPOnly flag
    INST-13641Security: Host header injection vulnerability
    INST-13642Security: Email bombing
    INST-13645Security: Passwords in plain text
    INST-13651Security: Block uploads of a webshell and execute “tasklist”
    INST-13673Page selection acts wrong when sorted by Position
    INST-13689Server error on administration page after satellite join to enterprise.
    • No labels