This documentation relates to an old version of DSpace, version 5.x. Looking for another version? See all documentation.
Support for DSpace 5 ended on January 1, 2023. See Support for DSpace 5 and 6 is ending in 2023
Changes in DSpace 3.6
Changes in DSpace 3.5
Changes in DSpace 3.4
This release includes the following security fixes.
- DS-1702 - Cross-site scripting (XSS injection) is possible in JSPUI Recent Submissions listings
- DS-2044 - Cross-site scripting (XSS injection) is possible in JSPUI Discovery search form
- DS-2445 - XMLUI Directory Traversal Vulnerabilities
- DS-2448 - JSPUI Directory Traversal Vulnerability
Changes in DSpace 3.3
Changes in DSpace 3.2
This release also includes the following security fix:
- DS-1603 - Resolves a security issue in JSPUI
Changes in DSpace 3.1