Five new patches have been released. Two of them are high or critical!
Three new patches have been released. Two of them are critical.
Two new patches have been released, adding PHP 7.3 compatibility and improving the clearing of session data with parallel logins.
This patch sends all cookies with a “secure” marker set. This results in sending the cookies solely via HTTPS.
This patch prevents parallel logins for the same user account (session attack for backend and frontend).