<div dir="ltr"><font color="#000000"><font face="verdana,sans-serif">Hi All,</font></font><div><font face="verdana, sans-serif"><br></font></div><div><font face="verdana, sans-serif">We released a security patch for 5.4.0 that fixes the following security issues.</font></div>


<div><ul><li><font face="verdana, sans-serif">Local File Inclusion</font></li>
                <li><font face="verdana, sans-serif">Local File Deletion</font></li>
                <li><font face="verdana, sans-serif">SQL Injection</font></li>
                <li><font face="verdana, sans-serif">PHP Code Injection</font></li>
                <li><font face="verdana, sans-serif">Cross site scripting</font></li>
                <li><font face="verdana, sans-serif">Arbitrary File Upload</font></li>
                <li><font face="verdana, sans-serif">Authentication Bypass vulnerabilities(SOAP API's)</font></li>
        </ul>


        <p><font face="verdana, sans-serif">We would like to thank </font><strong style="font-family:verdana,sans-serif">Nick Freeman</strong><span style="font-family:verdana,sans-serif"> from <a href="http://security-assessment.com" target="_blank">security-assessment.com</a> and </span><strong style="font-family:verdana,sans-serif">Egidio </strong><font face="verdana, sans-serif">for reporting these vulnerabilities. <br>


<br></font></p>


        <p><font face="verdana, sans-serif"><b>Download Links</b> :</font></p><p><font face="verdana, sans-serif"><a href="https://www.vtiger.com/crm/open-source-downloads/" target="_blank">https://www.vtiger.com/crm/open-source-downloads/</a> or</font></p>


<p><font face="verdana, sans-serif"><a href="http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM540_Security_Patch.zip" target="_blank">http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM540_Security_Patch.zip</a></font></p>


<p><br></p><div><div><div dir="ltr"><p><span style="font-family:verdana,sans-serif"><b><i>Note:</i></b> We recommend taking a backup of your source directory before you unpack the patch in the source directory.</span></p>





        <p><b style="font-family:verdana,sans-serif">  </b></p><font face="verdana, sans-serif"><span style="color:rgb(102,102,102)">Thanks,</span><br><font style>Apparao G</font><br>
<br><b style="color:rgb(51,51,51)"><font style="color:rgb(102,102,102)"><img src="https://gpmb7.vtiger.com/test/logo/vt1.PNG" height="24" width="96"><font size="1">TEAM</font></font></b><br>
<br><b>Connect with us on: </b><a href="http://vtiger.com/" target="_blank">Website</a><b> </b><b>I</b> <a href="http://twitter.com/#%21/vtigercrm" target="_blank">Twitter</a> <b>I</b> <a href="http://www.facebook.com/pages/vtiger/226866697333578?sk=wall" target="_blank">Facebook</a> <b>I</b> <a href="http://blog.vtiger.com/" target="_blank">Blog</a><b> I</b> <a href="http://wiki.vtiger.com/index.php/Main_Page" target="_blank">Wiki</a> <b>I </b><a href="http://forums.vtiger.com/" target="_blank">Forums </a> </font><br>


<span style="color:rgb(102,102,102)"><span></span><b><span></span></b></span></div></div>
</div></div></div>