3.4.3 release notes
What’s new in 3.4.3
Security Fixes
- Fixed a security vulnerability in the page redirect field which allowed users to insert JavaScript code.
- Fixed a security vulnerability where the
next
parameter for the toolbar login was not sanitised and could point to another domain.
Thanks
Thanks to Mark Walker and Anthony Steinhauser for reporting the security issues.
当前内容版权归 Django CMS 或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问 Django CMS .