Package itop-php8.1: Information

PHP8.1 dependencies for itop
- New version 3.1.1.1
- Security fixes:
 + CVE-2023-48710 : Restrict pages/exec.php to PHP files
 + CVE-2023-48709 : Fix CSV injection in Excel from an iTop CSV export file
 + CVE-2023-46734 : Fix potential XSS vulnerabilities in TWIG CodeExtension filters
 + CVE-2023-47123 : Fix XSS vulnerability in n:n relations "tagset" widget
 + CVE-2023-47622 : Fix XSS vulnerabilities in ajax operations
 + CVE-2023-47626 : Fix XSS vulnerabilities in authent token
 + CVE-2023-44396 : Fix XSS vulnerabilities in dashlet ajax operations
 + CVE-2023-43790 : Fix XSS vulnerabilities in friendlyname in object details
 + CVE-2023-38511 : Fix dashboard allowing to load multiple files and urls
 + CVE-2023-45808 : Fix object creation in non allowed org by forging http query in both Console and Portal
- New version 3.1.0.2
- Security fixes:
 + CVE-2022-24894 : Prevent storing cookie headers in HttpCache (Symfony framework vulnerability)
 + CVE-2022-31402 : XSS vulnerability via /itop/webservices/export-v2.php
 + CVE-2022-39261 : Twig lib vulnerability
- Added itop-php8.1
- Deleted itop-php8.0
- New version 3.0.3
- Security fixes:
 + CVE-2021-46743 : Firebase PHP-JWT key/algorithm type confusion
 + CVE-2022-31403 : XSS vulnerability via /itop/pages/ajax.render.php
 + CVE-2022-31402 : XSS vulnerability via /itop/webservices/export-v2.php
- Added itop-php8.0
- Deleted itop-php7

Package itop-php8.1: Information

Last changed