Vulnerability Fixes:
- The SQL injection vulnerability in ‘getDeviceCompleteDetails’ and ‘getAssociatedCredentials’ API’s have been fixed.
- General : There was an SQL injection vulnerability in the Alarms section. This issue has been fixed.
- General : In Alarms, there was an XSS vulnerability in the Notes column. This issue has been fixed.
- General : Apache’s ‘commons-beanutils’ jar has been updated to version 1.9.3 due to ‘Remote Code Execution’ vulnerability in an older version. (Refer: CVE-2018-19403)
- General : Unauthenticated access to ‘DataMigrationServlet’ has been fixed. (Refer: CVE-2018-19403)
- General : The ‘Browser Cookie theft’ vulnerability has been fixed.
- The issue with NBAR application data in Wireless Controllers has been fixed.
- Missing I18N keys have been added for Chinese language.
Other recent articles in the same category
You may be interested in these other recent articles
Last Week Best ManageEngine Updates – Part 31
18 December 2023 | Nazim Nadir
Right before Christmas, ManageEngine is giving out their quality of life updates. From ServiceDesk Plus to M365 Manager Plus, you will see plenty of updates…
Read moreLast Week’s Best ManageEngine Updates – Part 30
6 December 2023 | Nazim Nadir
ManageEngine is named a strong performer for 2023 in last week updates. There are also new updates to their suite of applications and they have…
Read moreLast Week’s Best ManageEngine Updates – Part 29
27 November 2023 | Nazim Nadir
Exciting news of ManageEngine Linkedin Live webinar has been announced alongside some application updates and the release of a new E-Book. Whether you’re new to…
Read more