Request Demo

2.1.4

  • January 28, 2020

Security

  • Fixed open redirect vulnerability in the redirect parameter on the login page -JO
  • Fixed XSS vulnerabilities in dashboard query page, full user name in profile, admin user edit page, and admin audit log page (CVE-2020-6584, CVE-2020-6585, CVE-2020-6586) (thanks Mohit Rawat) -JO, SAW

Updated

  • Added a selector to Alert History allowing newly-deleted alerts to be used as a filter [TPS#14795] -SAW
  • Updated Japanese translations (thanks Chitose Sasaki) -JO
  • Remove broken ‘xor’ and ‘nand’ keywords from real-time alert configuration -SAW

Added

  • Added %lastalertlog% and related e-mail template macros for real-time alerts [TPS#14799] -SAW

Fixed

  • Fixed Logstash plugin upgrades causing install/upgrade scripts to fail and need to be restarted -JO
  • Fixed issue with missing CSS classes on some items in the interface [TPS#14762,14769] -SAW,JO
  • Fixed alert count in main homepage/dashboard to only show active alerts [TPS#14770] -JO
  • Fixed Unique Hosts count in the main homepage/dashboard to use the same query used in the Unique Hosts Report [TPS#14767] -JO
  • Fixed boolean logic operators in realtime alerting being improperly translated [TPS#14768] -JO
  • Fixed real-time creation and editing for users that could not modify Logstash configuration [TPS#14808] -SAW
  • Fixed removal of other notification recipients when non-admins edit alert settings [TPS#14783] -SAW
  • Fixed ‘Show Query’ and ‘Show Results’ buttons appearing in Alert History for Real-Time and Host Freshness Alerts [TPS#14797] -SAW
  • Fixed missing Email Templates ‘Remove’ button when user has all alerting permissions enabled [TPS#14794] -SAW
  • Fixed incorrect real-time alerting criteria when multiple alerts were edited/canceled [TPS#14784] -SAW
  • Fixed broken ‘Download as CSV’ button in Alert History [TPS#14796] -SAW
  • Fixed display of real-time alert names in dashboard fields [TPS#14798] -SAW
  • Fixed duplicated e-mails when editing scheduled reports in clustered environment [TPS#14851] -SAW
  • Fixed comma escaping when exporting a CSV from a dashboard -SAW
  • Fixed non-admin users able to edit/delete other users’ scheduled reports -SAW
  • Fixed issue with ‘Toggle All’ button in User Permissions [TPS#14877] -SAW
  • Fixed issue with selecting multiple host lists in User Permissions [TPS#14879] -SAW