General vulnerabilities ▪PHP 7 security update (current version: 7.4.24) |
The SEARCH method of the HTTP protocol is not officially validated by W3C (World Wide Web Consortium) and it was reported as a potential vulnerability by some WAF (Web Application Firewall) tools in the market.
Therefore, from this version onwards, SoftExpert Excellence Suite no longer uses the HTTP SEARCH method, to be in compliance with the HTTP specifications officially validated by W3C.
In version 2.1.7, the Tomcat (web server used by the application) version has been updated from version 7 to version 9.
The integrated authentication via NTLMv2 SSO has been disabled. If it is still being used, we recommend migrating to SAML.
Shortcuts have been created for images added to a rich text field to facilitate resizing them to preset sizes, which are:
▪Thumbnail size: the image is automatically resized to approximately 200px, with the possibility of a small variation in this value, according to the dimensions of the image, especially if its width is bigger than its height or vice-versa;
▪Original image size: any customizations previously made to the width or height of the image are made to restore its original dimensions.
To access these shortcuts, simply click on the image you wish to resize on the rich text field edit mode.
Icon |
Shortcut description |
Open gallery. |
|
Resize the image to thumbnail size. |
|
Restore the original size of the image. |
|
Delete the image. |
Reinforcement in the login screen security and increase in the security against brute force attacks.
The alert screen (CM034) of the system, released in version 2.1.6, has been evolved to facilitate the understanding of reported problems and the viewing of the alert history.
View also the improvements made to this component in previous versions: