This is a security release, upgrading is highly recommended
Non exhaustive list of changes:
- [security] Bad chevrons rendering on dropdowns (#5468)
- [security] Iframe and forms are rendered in rich text contents (#5519)
- [security] Type juggling authentication bypass (#5520)
- [security] Malicious images upload (#5580)
- [security] Password token date was not reset (#5577)
- [security] Prevent timed attack and enforce cookie security (#5562)
- [security] Prevent external redirections
- And more!