Configuration - 2.2.1
Correction of vulnerabilities
- Correction of XSS and Path Traversal or Directory Traversal vulnerabilities in the system.
- Correction of a LFI (Local File Inclusion) vulnerability which could lead to another critical RCE (Remote Code Execution) vulnerability in the system.
- Blocking of the arbitrary definition of environment variables in the system to add an extra security layer and mitigate the RCE (Remote Code Execution) exploration in Linux environments.
Component improvements
All new features for SoftExpert Configuration in version 2.2.1 were gathered in the SoftExpert Administration release notes. Check them out!
These notes are related to the following operations:
- Defining a default sorting for attachments.
- Adding values in batches in attributes of the List of values type.
- Creating exceptions for fixed dates in the calendar.
- Security in permission profiles.
- Translation of permission profiles.
- External attributes with datasets.
- Functional roles turned into teams.
- Redesign of the company contact screen.
- Association of forms with companies.
- Adjustment in the identification mask sequential by screen.
- Mandatory Multi-Factor Authentication (MFA).
- Interval of trusted IPs for Multi-Factor Authentication (MFA).
- More integration possibilities between SoftExpert Suite and other data sources.
- REST data source: support to send and read simple listings within JSON added.
View the latest improvements made to this component: