CiviCRM 5.74.4, 5.69.6-ESR Security Release

Közzétéve

2024-06-19 18:32

Written by

dev-team - official CiviCRM announcement

There has been a security release for CiviCRM. Upgrades are available for:

CiviCRM v5.74.4 (download, release notes)
CiviCRM v5.69.6 ESR (info, download, release notes)

These upgrades address the following security issue:

CIVI-SA-2024-01: View Contact (Cross Site Scripting)
CIVI-SA-2024-02: JSON Settings (Cross Site Scripting)
CIVI-SA-2024-03: Smarty Security Policy (Arbitrary PHP Code Execution)

Support CiviCRM

We are committed to keeping CiviCRM free and open, forever. We depend on your support to help make that happen.

Make a donation or contribute to a Make it happen campaign.
If your organization wants to support our work, please become a member today.
If you are a CiviCRM service provider, please become a partner.

CiviCRM is community driven and is sustained through contributions, good vibes, solidarity, and financial support from its community. Help CiviCRM do a world of good.

Filed under

Extended Security Release

Release announcements

Security Releases

CiviCRM 5.74.4, 5.69.6-ESR Security Release

Support CiviCRM

CiviCon in San Francisco, May 2025: Save the date!

The Visitor Experience of Recurring Contributions

The Benefits of Running A/B Tests for Mass Email Campaigns

CiviCRM 5.79 Release

The #CiviOneClick project – increasing CiviCRM’s accessibility

Next steps for CiviCRM Standalone

Composer installers and CiviCRM

WORK WITH A TRUSTED EXPERT
TO SETUP YOUR CIVICRM

Languages

CiviCRM 5.74.4, 5.69.6-ESR Security Release

Support CiviCRM

WORK WITH A TRUSTED EXPERT TO SETUP YOUR CIVICRM

WORK WITH A TRUSTED EXPERT
TO SETUP YOUR CIVICRM