Security/Component Update:
Component Update:
-
Updated the Spring Boot framework to version 2.7.5 to avoid
CVE-2022-42252.
-
Updated the Jackson Databind library to version 2.13.4.
-
Updated the babel-loader (9.1.0), css-loader (6.7.2), style-loader (3.3.1), webpack (5.75.0),
and webpack-cli (4.10.0) to remove dependencies of the loader-utils to avoid vulnerabilities associated with
CVE-2022-37601.
Email notifications/Security:
-
The content of the comments is sanitized before being included in an email notification.
Component Update:
- Updated the Spring Boot Dependencies library to version 2.7.0 to avoid various vulnerabilities.
Security/Component Update:
- Updated the Moment.js library to version 2.29.3 to avoid CVE-2022-24785.
- Updated the Spring Boot Dependencies library to version 2.7.1 to avoid CVE-2018-11040.
Authentication:
- Unauthenticated users trying to access resources that belong to an organization are automatically redirected to that
organization's login page, which already contains the organization ID pre-filled.
Organization Profile:
- Fixed an issue where the organization logo was not updated in the application header bar after it was changed in the Organization Profile page.
Page ratings
- Fixed an issue where page ratings statistics could not be accessed by users that have site-level administration rights.
Component Update
- Updated the spring-boot-dependencies library to version 2.6.7.
- Updated the spring-web library to version 5.3.19.
Email notifications
- Fixed an issue where email notifications were not sent to moderators when a reply was added to a moderator's comment.
Organization Members
- Pending invitations are now sorted by date in descending order.
Comments Administration page
- Fixed an issue where the Approve action was available on a deleted comment instead of the Restore action.