alfio-event/alf.io 2.0-M4-2301
Alf.io 2.0-M4-2301

on GitHub

latest releases: 2.0-M5, 2.0-M4-2407, 2.0-M4-2402-3...

22 months ago

Alf.io 2.0-M4-2301 (2023-01-14)

Security fixes

CVE-2023-0300 (low severity) - Self-inflicted XSS
CVE-2023-0301 (low severity) - Prevent organizers to insert dangerous link within their event description

please note that both security fixes are related to the Backoffice application. The "public" application was not impacted.

thanks to @huntr-helper contributors!

Improvements

Organization APIs at system level #1083 (sponsored by Eventplane)
API for linking Subscriptions to an Event #1087 (sponsored by Eventplane)

Bug fixed

Cannot search reservation by invoice number #1090
Remove button should not be displayed for checked-in tickets #1093
Various errors when selecting / deselecting the payment method #1100
Error on "Confirmed" items on the Additional services page #1108
Stripe API not working as expected #1159 (thanks to @icougil for reporting it and for helping us debugging it)

Check out latest releases or
releases around alfio-event/alf.io 2.0-M4-2301

Don't miss a new alf.io release

NewReleases is sending notifications on new releases.

Get notifications