2025.0.0 Release Notes
- 22 May 2025
- 1 Minute to read
- Print
- DarkLight
2025.0.0 Release Notes
- Updated on 22 May 2025
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback!
2025.0.0 Release Notes
Feature Improvements
| Reference Number(s) | Summary | Components | ||
|---|---|---|---|---|
| RILTS-715 | CSP Hardening: Phase I | Web Security | ||
| RILTS-713 | Allow script attributes in custom html | Web Security | ||
Resolved Issues
| Reference Number(s) | Summary | Components | ||
|---|---|---|---|---|
| RILTS-715 | CSP Hardening: Phase I | Web Security | ||
| RILTS-718 | New CSP rules which include 'style-src-elem' directive break Safari load of any CSS formatting, but changing to 'style-src' works fine for all | Web Security | ||
| RILTS-692 | Spawned from --> 2023 RIC External Pen - Cobalt.io #PT20021_1 - Stored XSS via Configuration > Systems > Images | Web Security | ||
| RILTS-685 | ZAP Scan: CSP: Wildcard Directive, script-src unsafe-inline, & style-src unsafe-inline issues reported on 3 URLs: main URL path, /idp/AuthnEngine, and sitemap.xml for RI LTS | Web Security | ||
| RILTS-684 | ZAP Scan: Absence of Anti-CSRF Tokens in idp/AuthnEngine for LTS | Web Security | ||
Updated on Thu May 22 2025 17:03:24 GMT-0400 (Eastern Daylight Time)
Was this article helpful?