[Vtigercrm-developers] Vtiger CRM 7.1.0 (hotfix3) Released

Prasad prasad at vtiger.com
Wed Apr 3 06:29:41 GMT 2019

Dear members,

Vtiger 7.1.0 (Hotfix3) is now available.

Download hotfix: vtigercrm7.1.0-hotfix3.zip

This patch addresses the following:

   1. Possibility of SQL injection by authenticated user.
   2. Insufficient permission checking on "roleid" parameter during profile
   edition <http://code.vtiger.com/vtiger/vtigercrm/issues/1126>

Thanks to Mohnish Dhage and Samuel De Grace for sharing details to help us
get to root-cause and devise the fix.


   1. We have patched the 7.1.0 files
   <https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%207.1.0/> -
   so new downloads doesn't need hotfixes.
   2. We recommend you to patch older version (refer commit-1
   and commit-2
   or migrate to 7.1.0

If you have more questions please feel free to discuss on this thread.

Vtiger Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20190403/203c2621/attachment.html>

More information about the vtigercrm-developers mailing list