4.10.9

emteknetnz released this 28 Jun 05:31

· 13 commits to 4.10 since this release

What's Changed

CVE-2021-41559 Disable xml entities by @emteknetnz in #10376
[CVE-2022-25238] Sanitise htmlfields serverside by default by @emteknetnz in #10375
[CVE-2022-28803] Block XSS in links and iframes. by @GuySartorelli in #10374

Full Changelog: 4.10.8...4.10.9

Contributors

emteknetnz and GuySartorelli

Assets 2