A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.

AI OnAI Off

Home /

Security Improvement

Found in

EPiServer.CMS.UI 11.32.1

Fixed in

EPiServer.CMS.UI 11.37.2

(Or a related package)

Created

Apr 11, 2024

Updated

Aug 26, 2024

Area

CMS UI

State

Closed, Fixed and tested

Description

Updated the packages Microsoft.AspNet.Identity.Owin to version 2.2.4 since version 2.2.3 was flagged for security vulnerabilities.

Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability · Advisory · dotnet/aspnetcore (github.com)