3.4.3 release notes#
What’s new in 3.4.3#
Security Fixes#
Fixed a security vulnerability in the page redirect field which allowed users to insert JavaScript code.
Fixed a security vulnerability where the
next
parameter for the toolbar login was not sanitised and could point to another domain.
Thanks#
Thanks to Mark Walker and Anthony Steinhauser for reporting the security issues.