Skip to content

v3.1.47
Compare
Choose a tag to compare
@wisskid wisskid released this 14 Sep 11:32
· 267 commits to master since this release
v3.1.47
a09364f

If you use the {mailto} plugin in your templates, please check if you are escaping the address value explicitly like this {mailto address=$htmladdress|escape}. This could cause problems through double escaping.

Security

  • Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks #454

Fixed

  • Fixed use of rand() without a parameter in math function #794
  • Fixed unselected year/month/day not working in html_select_date #395
Assets 2
Loading