Be sure to check our Hotfix instructions before starting the hotfix process.It might save you some trouble afterwards.
Fixed bugs:
Fixed bugs:
- Security (Critical) - Underscore.js library update to v1.13.7 - The Underscore.js library contained a critical vulnerability: Arbitrary Code Execution. The hotfix addresses this security vulnerability by updating the library to version 1.13.7.
- Security (Moderate) - Stored XSS via media library upload - As an authenticated user, it was possible to distribute a malicious payload by abusing media library file upload and following certain specific steps.
- Security (Moderate) - Froala editor update to v4.5.0 - The hotfix updates the Froala WYSIWYG editor used in the 'Rich text' page builder widget to version 4.5.0, which addresses security vulnerabilities in the previous version.