Changelog

Changelog

2.2.7 (2014-04-15)

Zend Framework 2.2.7 (2014-04-15)

SECURITY FIXES

  • ZF2014-03: Potential XSS vector in multiple view helpers due to inappropriate HTML attribute escaping. Many view helpers were using the escapeHtml() view helper in order to escape HTML attributes. This release patches them to use the escapeHtmlAttr() view helper in these situations. If you use form or navigation view helpers, or "HTML element" view helpers (such as gravatar(), htmlFlash(), htmlPage(), or htmlQuicktime()), we recommend upgrading immediately.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts