Release Notes - 0.8.8c

Important Security Fixes

• CVE-2013-5588 - XSS issue via installer or device editing
• CVE-2013-5589 - SQL injection vulnerability in device editing
• CVE-2014-2326 - XSS issue via CDEF editing
• CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability
• CVE-2014-2328 - Remote Command Execution Vulnerability in graph export
• CVE-2014-4002 - XSS issues in multiple files
• CVE-2014-5025 - XSS issue via data source editing
• CVE-2014-5026 - XSS issues in multiple files

Important Updates

• New graph tree view
• Updated graph list and graph preview
• Refactor graph tree view to remove GPL incompatible code
• Updated command line database upgrade utility
• Graph zooming now from everywhere