3.4.3 release notes#

What’s new in 3.4.3#

Security Fixes#

  • Fixed a security vulnerability in the page redirect field which allowed users to insert JavaScript code.

  • Fixed a security vulnerability where the next parameter for the toolbar login was not sanitised and could point to another domain.

Thanks#

Thanks to Mark Walker and Anthony Steinhauser for reporting the security issues.