From 56d79d7db88f3a939f7124298fd0ee6ec4804af1 Mon Sep 17 00:00:00 2001 From: Bernd Bestel Date: Wed, 14 Oct 2020 23:11:00 +0200 Subject: [PATCH] Added changelog for #996 --- changelog/60_UNRELEASED_2020-xx-xx.md | 1 + 1 file changed, 1 insertion(+) diff --git a/changelog/60_UNRELEASED_2020-xx-xx.md b/changelog/60_UNRELEASED_2020-xx-xx.md index 8dc3f43a..0dc984a8 100644 --- a/changelog/60_UNRELEASED_2020-xx-xx.md +++ b/changelog/60_UNRELEASED_2020-xx-xx.md @@ -136,6 +136,7 @@ - Replaced (again, added before in v2.7.0, then reverted in v2.7.1 due to some problems) [QuaggaJS](https://github.com/serratus/quaggaJS) (seems to be unmaintained) by [Quagga2](https://github.com/ericblade/quagga2) - More `config.php` settings (see the section `Component configuration for Quagga2`) to tweak Quagga2 (this is the component used for device camera for barcode scanning) (thanks @andrelam) - Some localization string fixes (thanks @duckfullstop) +- Fixed that XSS / HTML injection was possible through some user input fields (low severity / not really a problem as this could not be abused unauthenticated) - New translations: (thanks all the translators) - Greek (demo available at https://el.demo.grocy.info) - Korean (demo available at https://ko.demo.grocy.info)