##// END OF EJS Templates
comments: fix extracing auth_user from the passed in objects. Before if auth_user is empty we could relly on INT or STR passed in
comments: fix extracing auth_user from the passed in objects. Before if auth_user is empty we could relly on INT or STR passed in

File last commit:

r1:854a839a default
r3026:71b96937 stable
Show More
release-notes-3.2.1.rst
18 lines | 260 B | text/x-rst | RstLexer

|RCE| 3.2.1 |RNS|

General

  • 2015-04-20

fixes

  • Security: Fixed a potential XSS vulnerability in user names and user group descriptions.
  • Style: Fixed a form misalignment for the management of user group permissions.