Page History
Table of Contents | ||||
---|---|---|---|---|
|
Changes in DSpace 3.6
This release includes the following security fix. This ticket requires a valid JIRA account to view the details:
- DS-3094 - XMLUI Directory Traversal Vulnerability
Changes in DSpace 3.5
This release includes the following JSPUI security fixes. All of these tickets require a valid JIRA account to view the details:
- DS-2736 - Cross-site scripting (XSS injection) is possible in JSPUI Discovery search results/form
- DS-2737 - Expression language injection (EL Injection) is possible in JSPUI search interface.
Changes in DSpace 3.4
This release includes the following security fixes. All of these tickets require a valid JIRA account to view the details:
- DS-1702 - Cross-site scripting (XSS injection) is possible in JSPUI Recent Submissions listings
- DS-2044 - Cross-site scripting (XSS injection) is possible in JSPUI Discovery search form
- DS-2445 - XMLUI Directory Traversal Vulnerabilities
- DS-2448 - JSPUI Directory Traversal Vulnerability
Changes in DSpace 3.3
Bug Fixes
Jira | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
...
Overview
Content Tools