Security Updates
ID | Description |
|---|---|
1380326 | Resolved the CrossāSite Scripting (XSS) vulnerability in eCase (Audit) and eCase Admin. |
1355902 | Upgraded jQuery to version 3.7.1 and Bootstrap to version 4.6.2 to address the identified security vulnerabilities. |
1376287 | Addressed a security vulnerability that allows unauthorized access to uploaded files through predictable request parameters, ensuring proper authorization checks are enforced to prevent exposure, modification, or deletion of sensitive user data. |
1370648 | Resolved a security issue where unvalidated user input was passed into sorting functionality, leading to errors and unintended data exposure, by enforcing proper input validation to prevent unauthorized access to internal system information. |
1370648 | Addressed a security vulnerability where unvalidated user input in database queries could alter intended execution behavior, ensuring proper input handling to prevent unauthorized data access or manipulation. |
1370648 | Handled a security vulnerability where untrusted input could inject malicious scripts into the application, ensuring proper handling to prevent unauthorized script execution and protect end users from CrossāSite Scripting (XSS) attacks. |
1370648 | Mitigated a security vulnerability where untrusted input could inject malicious scripts into the application, ensuring proper validation and protection against CrossāSite Scripting (XSS) attacks to prevent unauthorized script execution. |
1370648 | Implemented strict serverāside role validation for all sensitive resources and actions, ensuring only authorized roles can execute privileged operations and significantly reducing the risk of privilege escalation attacks. |
1369751 | Added serverāside checks to attachment APIs to block unauthorized access and prevent IDOR attacks. |
Bug Fixes
ID | Description |
|---|---|
1397235 | Fixed an issue where the updated Delegate Approver value was not being saved after profile updates, ensuring the selected approver now persists correctly. |
1398243 | Resolved a defect where the User Invitation Email contained a nonāfunctional application link, ensuring the link now works properly for new users. |
1406821 | Addressed an issue where saving a document did not replace letter template tags upon reopening, implementing reliable tag rendering to ensure placeholders are correctly processed. |