4.16.18
·
15688 commits
to 5.x
since this release
4.16.18
brandonkelly
Brandon Kelly
This tag was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
fc46694
This commit was signed with the committer’s verified signature.
brandonkelly
Brandon Kelly
- The
utils/fix-field-layout-uidscommand now checks for duplicate top-level field layout UUIDs. (#18193) - Fixed a bug where all plugin settings were being saved to the project config, rather than just posted settings. (craftcms/commerce#4006)
- Fixed a bug where custom selects could be positioned incorrectly after the window was resized. (#18179)
- Fixed an error that could occur when logging a deprecation warning, if the backtrace contained any non-UTF-8-encoded strings. (#18218)
- Fixed a bug where it wasn’t possible to view assets if they had exactly 50 subfolders alongside them. (#18213)
- Fixed SSRF vulnerabilities. (GHSA-96pq-hxpw-rgh8, GHSA-m5r2-8p9x-hp5m, GHSA-8jr8-7hr4-vhfx)
- Fixed a SQL injection vulnerability. (GHSA-2453-mppf-46cj)
- Fixed an XSS vulnerability. (GHSA-9f5h-mmq6-2x78)
- Fixed a permission escalation vulnerability. (GHSA-fxp3-g6gw-4r4v)
- Fixed an RCE vulnerability. (GHSA-7jx7-3846-m7w7)