4 May 2010
Crowd 1.4.8 is a recommended upgrade which fixes various XSS vulnerabilities, as described in the security advisory. Please refer to the advisory for details of the security vulnerability, risk assessment and mitigation strategies.
Please note: This release provides only a WAR distribution of Crowd 1.4.8. If you need help upgrading a non-WAR distribution to Crowd 1.4.8, please contact Atlassian support.
The latest version of Crowd, at the time of these release notes, is Crowd 2.0.4. We are supplying version 1.4.8 as an upgrade for versions 1.4.x, to fix the security vulnerabilities.
Don't have Crowd 2.0 yet?
Take a look at the new features and other highlights in the Crowd 2.0 Release Notes. And of course, Crowd 2.0.4 also includes the features of Crowd 2.0.
