Overview

Welcome to Znuny LTS version 6.5.8

Security Vulnerabilities Fixed

• Fixed security issue with uploaded files that could be used for remote code execution (CVE-2024-32491). Thanks to Martino Spagnuolo for reporting and providing the fix.

• Fixed SQL injection issue when using the draft functinality (CVE-2024-32493). Thanks to Martino Spagnuolo for reporting the issue.

Issues Fixed

• Fixed session handling when saving user preferences.

• Fixed usage of multiple database objects in customer and customer user database backend. (#540)

Read about all changes in the CHANGES.md. See the commits on GitHub for a list of all changes.