Documentation Home
Changelog

Broadleaf Commerce 5.2.27-GA

Release Date: September 28, 2023

Overview

This is the 27th patch release for Broadleaf Framework 5.2.x. To upgrade a 5.2.x application to the 5.2.27-GA release, it should only require updating the parent pom.xml broadleaf-boot-starter-parent to 5.2.27-GA.

An at-a-glance view of the issues that were closed in this release:

Minor Bugs(2)

  • Fixed the Insecure Direct Object Reference (IDOR) vulnerability that was reported by preventing a user to use his session to manipulate entities on the other sites in BroadleafAdminRequestProcessor.
  • Updated Tika Core to 2.9.0 and fix the issue where uploading new assets would cause errors.

Total Resolved Issues: 2