Loading...
There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
CiviCRM v5.24.3 CiviCRM v5.21.3 ESRBelow are the security advisories details:
CIVI-SA-2020-01: Sanitize Entity Name CIVI-SA-2020-02: API Key Disclosure CIVI-SA-2020-03: PHP Code Execution via Phar Deserialization CIVI-SA-2020-04: Cross Site Scripting within CiviCase Reports CIVI-SA-2020-05: SQL Injection in Campaign Summary and Delete Activity CIVI-SA-2020-06: SQLI in Query Builder CIVI-SA-2020-07: CSRF in Scheduled Jobs CIVI-SA-2020-08: XSS via JS librariesA couple of other issues have been fixed in these releases, as described in the official announcement.
Upgrade now for the most stable CiviCRM experience:
To download CiviCRM 5.24.3: https://civicrm.org/download To download CiviCRM 5.21.3 ESR version: https://civicrm.org/esr
Loading...
Loading...