- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- ProtectionAdded malicious IPs to the blacklist based on threat intelligence from July 1st.
- SecurityFixed newly discovered security issues.
- NewAdded download for Malicious IP Blacklist Library.
- FixedFixed issue where E8 personnel card could not open.
- FixedFixed potential system slowness in E8/E9.
- SecurityFixed newly discovered security issues.
- NewAdded IP Blacklist Library to block access from known malicious IPs.
- FixedFixed issue where Execution Platform could not open.
- SecurityFixed newly discovered security vulnerabilities.
- OptimizedOptimized security patch performance.
- FixedFixed issue where standard users could not login after E8 system update.
- SecurityFixed newly discovered security issues.
- FixedFixed compatibility issues in specific environments.
- FixedFixed issue where customer portal accounts could not login normally.
- FixedFixed printing failure in E9 asset module.
- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- FixedFixed save failure in E9 form modeling and groups.
- FixedFixed issue where E8 workflow testing could not be used.
- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- SecurityFixed newly discovered security issues.
- FixedFixed issue where email attachments could not be downloaded.
- SecurityFixed newly discovered security issues.
- SecurityAddressed WorkflowServiceXml SQL injection false positives after 10.64.1 update. (False positive explanation: POC used '1=1' for testing, which was allowed for business system compatibility.)
- FixedFixed anomalies in unified pending integration, mobile modeling scan function, and modeling webservice interface calls caused by 10.64.
- FixedFixed issue where functions like body text could not open, caused by 10.64.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- NewAdded general security protection rules.
- SecurityFixed security vulnerabilities.
- SecurityFixed newly discovered security vulnerabilities.
- FixedFixed functional bugs.
- OptimizedBased on 10.58.7 patch, directly usable for upgraded customers, reducing size and file updates.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- FixedFixed lag issues when syncing personnel between EM7 and E-Bridge.
- SecurityFixed security vulnerabilities.
- FixedFixed error when opening attachments or body text popups from E8 workflow.
- FixedFixed issue where seal images could not be displayed.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- SecurityFixed security vulnerabilities.
- OptimizedOptimized performance.
- SecurityFixed XXE injection vulnerability.
- SecurityFixed newly discovered security vulnerability (XXE injection).
- FixedFixed database connection leaks and high concurrency performance issues appearing after 10.57 update in some environments.
- FixedFixed docx file preview failure after E9 updated to 10.57 patch.
- FixedFixed dynamic password function failure after upgrading to 10.57 patch.
- SecurityFixed newly discovered security vulnerabilities.
- UpgradedUpgraded commons-fileupload to version 1.5.0.
- UpgradedUpgraded dubbo to version 2.7.22.
- ProtectionAdded global protection against arbitrary command execution vulnerabilities.
- SplitSplit the original "EC8.0 and above Full Patch" into "EC9.0 Full Patch" and "EC8.0 Full Patch" to resolve jar conflicts.
- SecurityFixed newly discovered security vulnerabilities.
- OptimizedRASP protection module performance optimization.
- SecurityFixed newly discovered security vulnerabilities.
- OptimizedRASP protection module performance optimization.
- OptimizedOptimized system performance issues caused by 10.52 and above patches.
- SecurityFixed newly discovered security vulnerabilities.
- SecurityFixed newly discovered security vulnerabilities.
- SecurityFixed newly discovered security vulnerabilities.
- Note: After E9 upgrade to v10.52, administrator needs to access /mobilemode/admin/genStaticpageAll.jsp to initialize data.
- FixedFixed bug in arbitrary URL redirect validation rules to avoid blocking normal redirects.
- UpgradedUpgraded xstream to version 1.4.18.
- SecurityFixed newly discovered security issue (Cloud Store logic vulnerability).
- SecurityFixed newly discovered security vulnerabilities.
- NoteEMobile6 requires synchronous patch upgrade; Single Sign-On requires secret configuration.
- UpgradedUpgraded Xstream component to version 1.4.17 to resolve deserialization issues.
- SecurityResolved arbitrary file upload vulnerability.
- SecurityFixed a security issue in ecology (CNVD-2019-34241, CNTA-2019-0033).
- UpgradedUpgraded fastjson to version 1.2.61 and bsh component to address potential remote code execution issues.
- SecurityFixed a CRLF vulnerability in ecology (CVE-2019-10272).
- SecurityResolved Cross-Site Scripting (XSS) attacks.
- SecurityResolved high-risk SQL Injection attacks.
- ProtectionPhishing risk prevention.
- SecurityHost header forgery protection.
- ProtectionWebservice whitelist mechanism.
- ProtectionCookie HttpOnly mechanism.
- SecurityHTTP Response Splitting vulnerability.
- ProtectionFile upload security check.