5.11.3 - November 1, 2023
Security
- Fixed an XSS in the custom logo component (Thanks Astrid Tedenbrant and Outpost24 for reporting this) [GL:XI#412] – BB
- Fixed a Remote Code Execution vulnerability in the Core Config Manager (Thanks Abdulmohsen Nasser Alotaibi for reporting this) [GL:XI#383] – SNS
- Fixed an XSS vulnerability in the Graph Explorer component (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#384] – SG
- Fixed an XSS vulnerability in the bandwidthreport component (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#385,#463] – SG
- Fixed an XSS vulnerability in the Bulk Modifications component (Thanks Aleksey Solovev from Positive Technologies and Abdulmohsen Nasser Alotaibi for reporting this) [GL:XI#386] – SG
- Fixed a CSRF and XSS vulnerability in the custom-includes component (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#387] – BB
- Fixed a CSRF and XSS vulnerability in the hypermap replay component (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#388] – BB
- Fixed an XSS vulnerability in the CCM (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#389] – BB
- Fixed several SQL injection vulnerabilities in the Bulk Modifications Tool (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#390] – SG
- Fixed a shell injection vulnerability in the Manage MIBs page (Thanks Aleksey Solovev from Positive Technologies for reporting this) [GL:XI#392] – SG
- Fixed an XSS vulnerability in Manage Users (Thanks Oliver Brooks and Colin Brum from NCC Group for reporting this) [GL:XI#429] – BB
- Fixed a PHP code injection vulnerability in the graph template editor (Thanks Oliver Brooks and Colin Brum from NCC Group for reporting this) [GL:XI#430] – BB
Updated
- Improved UX of the Operation Center configure sound modal [GL:XI#370] – SG
Added
- Added the ability to modify homepage settings when a dashboard is set as the homepage – BB
Fixed
- Fixed an issue where phantomjs was not working properly on an offline upgrade – CB
- Fixed an issue with unhelpful error messages in email settings [GL:XI#363] – AC
- Fixed an issue in Executive Summary where the report would be named incorrectly for [Host Only] and [All Services] reports [GL:XI#340] – SAW
- Fixed an issue in State History where the report would show service states when [Host Only] was selected [GL:XI#340] – SAW
- Fixed a typo in Performance Settings – SAW
- Fixed an issue where Homepage Customization would indicate that it was disabled when it was enabled [GL:XI#376] – BB
- Fixed an issue where Homepage Customization cog would not show in the dashboard view [GL:XI#376] – BB
- Fixed an issue that caused the “Send Test Email” button to break if “From Address” was invalid [GL:XI#367] – BB
- Fixed an issue that caused performance graphs to display an incorrect “Max” value [GL:XI#336] – BB
- Fixed an issue where host and service statuses would be partially truncated on Ubuntu [GL:XI#259] – BB
- Fixed an issue where the Announcement Banners table looked broken when there were no banners configured [GL:XI#358] – SG
- Fixed an issue that caused errors to show when using a dashboard as the home page – BB
- Fixed an issue where Deploy Agent would fail when deploying to an Ubuntu minimal install [GL:XI#177] – BB
- Fixed an issue that was causing browser console errors on the Email page – BB
- Fixed an issue where the Host status detail page was showing OK when a service was Pending [GL:XI#352] – BB
- Fixed an issue where adding/editing a command in the CCM would result in a broken page – BB
- Fixed an issue where CCM forms could show errors when editing commands or services – BB
- Fixed an issue where Bulk Modifications -> Add Parent Host would break on PHP 8 [GL:XI#375] – BB
- Fixed a missing dependency (php-pecl-ssh2) in Scheduled Backups [GL:XI#290] – BB
- Fixed missing authorization controls in Unconfigured Objects (Thanks Oliver Brooks and Colin Brum from NCC Group for reporting this) [GL:XI#419] – BB
