Implemented enhancements:
- improve export filename #2958
Fixed bugs:
- CSRF Tokens are not properly refreshed on some form submissions #2947 #2948 - thanks @tdozbun-reno
- escape customer, project and activity name in javascript #2959
- escape data in calendar popover #2960
- make sure that markdown uses safe mode #2961
- improve permission handling in invoice screen #2965
This is a security release that fixes several possible security issues. My thanks go out to @tdozbun-reno and @Asura-N and @lethanhphuc and @Haxatron for you discrete disclosure and being part of the huntr community!