There has been a security release for CiviCRM. We recommend you immediately upgrade to one of the following versions:
CiviCRM v5.13.7 ESR
In addition to the security fixes, this release includes several bug fixes.
Below are the security advisories details:
Member Summary Report - Fix filtering by "Member Since" (dev/core#1406: 15894)
Contribution Search - Fix issue with displaying cancellation date (dev/core#1391: 15893)
Contribution Search - Fix issue where search criteria were applied inconsistently (dev/core#1374: 15896)
Additional Payment Form, Payment API - Calculate "Net Amount" automatically. Remove error-prone field from UI. (dev/core#1409: 15889)
Upgrade now for the most stable CiviCRM experience:
Note: If you use CiviCRM v5.13.7 ESR with the APIv4 extension ("org.civicrm.api4"), you should double-check that your system is running version 4.4.4. In v5.19+, no extra check is necessary.
CiviCRM security announcements are available from https://civicrm.org/advisory and via the CiviCRM Security Notifications email list.