[Vtigercrm-developers] Security Update: RelatedListView SQLi Fix for 7.4.0
Prasad
prasad at vtiger.com
Wed Jan 19 00:31:48 GMT 2022
Dear members,
We have released a hotfix for 7.4.0 that addresses SQLi vulnerability
in the Related Listview record counting.
Kindly download (vtigercrm7.4.0-hotfix1.zip
<https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%207.4.0/Core%20Product/vtigercrm7.4.0-hotfix1.zip/download>)
and unzip into your CRM root directory.
Find more details on our tracker #1675
<https://code.vtiger.com/vtiger/vtigercrm/issues/1675>
Regards,
Prasad
On Tue, Jan 18, 2022 at 9:01 PM Prasad <prasad at vtiger.com> wrote:
> Dear members,
>
> Thanks to Synacktiv security advisory for responsible disclosure of
> possible SQLi and helping us track it.
>
> You can find more details on our tracker #1675
> <https://code.vtiger.com/vtiger/vtigercrm/issues/1675>
> and the fix commit
> <https://code.vtiger.com/vtiger/vtigercrm/commit/f103ea3982aba12b49209edf2bb81ff8a27e48f4>
> .
>
> We request your assistance to validate the fix so we can
> proceed with the hotfix patch release.
>
> Regards,
> Prasad
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20220119/40d80b34/attachment.html>
More information about the vtigercrm-developers
mailing list