Commit 211e7fc6 authored by Seamus Lee's avatar Seamus Lee

WIP Release Notes for security release

Update Release notes based on Tim's Review and likely drop of 5.13.3
parent 2051296c
# CiviCRM 5.13.4
Released May 15, 2019
- **[Security advisories](#security)**
- **[Features](#features)**
- **[Bugs resolved](#bugs)**
- **[Miscellany](#misc)**
- **[Credits](#credits)**
## <a name="security"></a>Security advisories
- **[CIVI-SA-2019-09](** XXE in PHPWord
- **[CIVI-SA-2019-10](** TcpDF XSS and RCE vulnerabilities
- **[CIVI-SA-2019-11](** JQuery Object.prototype pollution
- **[CIVI-SA-2019-12](** SQLI in building Country, State or County Options
- **[CIVI-SA-2019-13](** Harden against unsearlize vulnerabilities
- **[CIVI-SA-2019-14](** SQLI in APIv3 GetOptions
- **[CIVI-SA-2019-15](** XSS via forged MIME Type
- **[CIVI-SA-2019-16](** SQLI in certain checkboxes
- **[CIVI-SA-2019-17](** SQLI in "Manage Events"
- **[CIVI-SA-2019-18](** XSS in CiviCRM installer
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment