<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Dear members,</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">We have released a hotfix for 7.4.0 that addresses SQLi vulnerability </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">in the Related Listview record counting.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Kindly download (<a href="https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%207.4.0/Core%20Product/vtigercrm7.4.0-hotfix1.zip/download">vtigercrm7.4.0-hotfix1.zip</a>) and unzip into your CRM root directory.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><div class="gmail_default">Find more details on our tracker <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1675" target="_blank">#1675</a></div><div class="gmail_default"><br></div><div class="gmail_default">Regards,</div><div class="gmail_default">Prasad</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jan 18, 2022 at 9:01 PM Prasad <<a href="mailto:prasad@vtiger.com">prasad@vtiger.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Dear members,</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Thanks to Synacktiv security advisory for responsible disclosure of <br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">possible SQLi and helping us track it. </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">You can find more details on our tracker <a href="https://code.vtiger.com/vtiger/vtigercrm/issues/1675" target="_blank">#1675</a> </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">and the <a href="https://code.vtiger.com/vtiger/vtigercrm/commit/f103ea3982aba12b49209edf2bb81ff8a27e48f4" target="_blank">fix commit</a>.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">We request your assistance to validate the fix so we can </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">proceed with the hotfix patch release.</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Regards,</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Prasad</div></div>
</blockquote></div>