If you use the {mailto} plugin in your templates, please check if you are escaping the address value explicitly like this {mailto address=$htmladdress|escape}. This could cause problems through double escaping.
What's Changed
Security
- Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks #454
Fixed
- Fixed PHP8.1 deprecation errors in modifiers (upper, explode, number_format and replace) #755 and #788
- Fixed PHP8.1 deprecation errors in capitalize modifier #789
- Fixed use of
rand()without a parameter in math function #794 - Fixed unselected year/month/day not working in html_select_date #395
New Contributors
Full Changelog: v4.2.0...v4.2.1