@protich protich released this Mar 22, 2018 · 161 commits to develop since this release

Assets 3

Performance and Security

  • Prevent Account Takeover (be0133b)
  • Prevent Agent Directory XSS (36651b9)
  • Httponly Cookies (5b2dfce)
  • File Upload Bypass (3eb1614)
  • Only allow image attachments to be opened in the browser window (4c79ff8)
  • Fix randNumber() (5b8b95a)
  • CSRF in users.inc.php URL (285a292)
  • AJAX Reflected XSS (e919d8a)