Vulnerabilities

VT-4380 No Rate Limiting on Forgot Password

VT-4574 resetPassword.jsp Reflected Cross Site Scripting

VT-4575 Pre-authentication blind XXE using license validation endpoint

VT-4576 UsageDashboardController - Authentication Bypass and SQL Injection

VT-4577 XXE in importBestPractice

VT-4599 Restrict the size of user input in forget password flow

VT-4648 Upgrade JQueryUI

VT-4672 Add rate limiting to SSO requests

Bug Fixes

VT-4376 Cloud Admin users trigger intercom errors

VT-4618 SSO metadata file generated every time you hit the login page

VT-4670 Restoring a local backup to an external database