Maintenance releases including security fixes for Cross-Site Scripting (XSS) issues have just been released. We advise all installations to upgrade; releases can be downloaded from our website.
Patched vulnerabilities:
- 22537: CVE-2017-6973 – XSS in adm_config_report.php (affects 1.3.0-rc.2 and later)
Additionally, version 2.1.1 also includes fixes previously released in 1.3.7 and 2.2.1: