Crowd 1.2.4 Release Notes
14 October 2008
Crowd 1.2.4 is a recommended upgrade which fixes a parameter injection vulnerability, as described in the security advisory. Please refer to the advisory for details of the security vulnerability, risk assessment and mitigation strategies.
The latest version of Crowd, at the time of these release notes, is Crowd 1.5.1. The previous public release of Crowd 1.2.x was version 1.2.2. Version 1.2.3 was an internal release. We are supplying version 1.2.4 as an upgrade for versions 1.2.x, to fix the security vulnerability.