Commit | Line | Data |
---|---|---|
811554c0 TO |
1 | # CiviCRM 4.7.26 |
2 | ||
3 | Released Nov 1, 2017 | |
4 | ||
5 | - **[Security advisories](#security)** | |
166e5aaa | 6 | - **[Credits](#credits)** |
811554c0 TO |
7 | |
8 | ## <a name="security"></a>Security advisories | |
9 | ||
10 | ||
11 | - **[CIVI-SA-2017-08](https://civicrm.org/advisory/civi-sa-2017-08-xss-in-html-link-attributes)** XSS in HTML link attributes | |
12 | - **[CIVI-SA-2017-09](https://civicrm.org/advisory/civi-sa-2017-09-shell-injection-vulerabilty-in-smarty)** Shell injection vulerabilty in Smarty | |
13 | - **[CIVI-SA-2017-10](https://civicrm.org/advisory/civi-sa-2017-10-xss-scripting-in-preimum-product-name)** XSS scripting in preimum product name | |
14 | - **[CIVI-SA-2017-11](https://civicrm.org/advisory/civi-sa-2017-11-xss-in-dedupe-rules)** XSS in dedupe rules | |
15 | - **[CIVI-SA-2017-12](https://civicrm.org/advisory/civi-sa-2017-12-xss-in-tag-description)** XSS in tag description | |
16 | - **[CIVI-SA-2017-13](https://civicrm.org/advisory/civi-sa-2017-13-selectedchild-url-paramater-not-properly-validated-for-civicrm-message)** SelectedChild URL parameter not properly validated | |
17 | - **[CIVI-SA-2017-14](https://civicrm.org/advisory/civi-sa-2017-14-xss-in-search-critiera-description)** XSS in Search Critiera Description | |
18 | - **[CIVI-SA-2017-15](https://civicrm.org/advisory/civi-sa-2017-15-extension-key-not-properly-validated-when-adding-or-disabling-or)** Extension key not properly validated | |
19 | - **[CIVI-SA-2017-16](https://civicrm.org/advisory/civi-sa-2017-16-sql-injection-risk-in-civireports-listing)** SQL injection risk in CiviReports | |
166e5aaa TO |
20 | |
21 | ## <a name="credits"></a>Credits | |
22 | ||
23 | This release was developed by the following code authors: | |
24 | ||
25 | Australian Greens - Seamus Lee; Left Join Labs - Sean Madsen | |
26 | ||
27 | Most authors also reviewed code for this release; in addition, the following | |
28 | reviewers contributed their comments: | |
29 | ||
30 | CiviCRM - Coleman Watts; JMA Consulting - Monish Deb; Wikimedia Foundation - | |
31 | Eileen McNaughton |