LORIS Release v23.0.5 #7533

driusan · 2021-08-16T15:38:17Z

driusan
Aug 16, 2021
Maintainer

This bugfix release includes all bug fixes since the 23.0.4 release.

For a full list of changes follow this link

Noteworthy changes:

[Publication] Set Content-Type for ajax responses. This could lead to an XSS attack if a user is tricked into directly accessing an ajax endpoint. The frontend was not directly vulnerable. ([Publication] Set Content-Type for ajax responses #7532)
[Configuration] Fix saving of values when no previous value present ([Configuration] Fix saving of values when no previous value present #7507)
[Raisinbread] Fixing help_editor module to display RB instrument instructions ([Raisinbread] Fixing help_editor module to display RB instrument instructions #6907)
[Config] assign user creating project to a newly created project ([Config] Assign user creating project to a newly created project #7505)
[Filter] Fix Menu Filter logic to use exact match for "Sex" fields ([Filter] Fix Menu Filter logic to recognise sex for exact match #7498)

This discussion was created from the release LORIS Release v23.0.5.