Skip to content

Squidex

v7.23.0 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 1mo Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

asp-net asp-net-core cms c# headless-cms mongodb
+3 more
mysql postgresql sqlserver

Summary

AI summary

Adds SSRF protection for asset downloads and HTTP scripting.

Full changelog

Changed

  • Security: Added SSRF protection for asset downloads.
  • Security: Added SSRF protection for scripting Http clients.

Fixed

  • Content: Fix serialization of status fields for contents.

Security Fixes

  • SSRF protection for asset downloads
  • SSRF protection for scripting HTTP clients
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Squidex

Get notified when new releases ship.

Sign up free

About Squidex

Headless CMS, based on MongoDB, CQRS and Event Sourcing.

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]