Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-44662: Xerte 3.8.5: Important Security Update now available

A Site Scripting (XSS) vulnerability exists in the Xerte Project Xerte through 3.8.4 via the link parameter in print.php.

CVE
#xss#vulnerability

The xerte project blog****News, Articles and Resources

The Xerte Developer Team are pleased to announce the latest release, v3.8.5.

Download from https://xerte.org.uk

This release contains some important and essential security updates and we are urging all users to update their installations to the latest code-base as a matter of urgency. This update addresses some potential vulnerabilities that have come to light recently (thank you Rik Lutz and Tom Reijnders!), and we strongly recommend that you update your Xerte installation to the latest code as soon as possible. We recommend that this update is treated as an exception to normal change management schedules and that all Xerte installations, no matter how old, are upgraded to 3.8.5 ASAP.

The release also contains a number of enhancements and fixes including fixes and improvements to:

Documentation page download

Accessibility of all hotspot interactions

SCORM history and other fixes

Audio player

PDF page

MCQ browser specific issues

Bootstrap navigation and deep linking

Bootstrap stand alone pages

Security issues

Thank you to all members of our amazing community, keep smiling in these challenging times!

The Xerte Developer Team

Category

Main Pages

Quick Links

Support

External resources

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907