[Vtigercrm-developers] Security Update: RelatedListView SQLi Fix for 7.4.0
Angelo Paglialonga
info at angelopaglialonga.com
Wed Jan 19 15:36:29 GMT 2022
Thank you Prasad!
_______________
Angelo Paglialonga
Consulente per soluzioni CRM ad alto ROI.
Telefono: 3386077866
Skype: angelo.paglialonga
Web: https://www.angelopaglialonga.com
> Il giorno 19 gen 2022, alle ore 01:31, Prasad <prasad at vtiger.com> ha scritto:
>
> Dear members,
>
> We have released a hotfix for 7.4.0 that addresses SQLi vulnerability
> in the Related Listview record counting.
>
> Kindly download (vtigercrm7.4.0-hotfix1.zip <https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%207.4.0/Core%20Product/vtigercrm7.4.0-hotfix1.zip/download>) and unzip into your CRM root directory.
> Find more details on our tracker #1675 <https://code.vtiger.com/vtiger/vtigercrm/issues/1675>
>
> Regards,
> Prasad
>
> On Tue, Jan 18, 2022 at 9:01 PM Prasad <prasad at vtiger.com <mailto:prasad at vtiger.com>> wrote:
> Dear members,
>
> Thanks to Synacktiv security advisory for responsible disclosure of
> possible SQLi and helping us track it.
>
> You can find more details on our tracker #1675 <https://code.vtiger.com/vtiger/vtigercrm/issues/1675>
> and the fix commit <https://code.vtiger.com/vtiger/vtigercrm/commit/f103ea3982aba12b49209edf2bb81ff8a27e48f4>.
>
> We request your assistance to validate the fix so we can
> proceed with the hotfix patch release.
>
> Regards,
> Prasad
> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20220119/aa0e89b9/attachment.html>
More information about the vtigercrm-developers
mailing list