This release includes a security fix to a reported XSS vulnerability that allowed agents to make an XSS attack against other admins/agents.
The fix included upgrading the dependant library v-tooltip and disable the HTML rendering of agent names.
Other bug fixes and improvements
- Fix the bug to resolve the identity of the user via phone number in Twilio inboxes.
- Add a new API to resolve the assignable agents in a particular inbox.
- Fix reset password error message and default it to the server returned response.
- Upgrade ssri to fix CVE-2021-27290.
- Fix minor UI glitches.
New languages introduced in the release
- Chinese (zh-CN)
- Norwegian (no)
- Hungarian (hu)