Publicat
2017-07-05 23:00
In the "Search Results" screen, some elements were not properly escaped.
Security Risk
Less Critical
Vulnerability
Cross Site Scripting
Affected Versions
- 4.7.20 and earlier
- 4.6.28 and earlier
Fixed Versions
- 4.7.21
- 4.6.29
Solutions
Upgrade to the latest version of CiviCRM
If you cannot upgrade apply the following patch
Credits
Sean Madsen for reporting the issue and fixing it