Security Release Announcement - Version 4.1.3

2012-06-05 15:13
Written by

CiviCRM 4.1.3 has been released and is available for immediate download from SourceForge. This is a security release which addresses several potential vulnerabilities. We recommend that you upgrade as soon as possible.

Security Release Details

  • Prevents unauthorized access to certain Ajax URLs
  • Provides additional filtering of end-user HTML input
  • Removes sensitive billing information from cache tables

Bug Fixes and Temporary Data Cleanup

4.1.3 also includes approximately 40 bug fixes, as well as a new "scheduled job" which cleans up temporary data and files. We recommend that all sites run this job on a hourly basis.

Upgrade Instructions

Filed under


Upgrading to the latest version of CiviCRM is highly recommended. For sites who aren't able to immediately upgrade from some earlier version, we've made a hotfix module available.

See for info and downloads.