ESFC - Aug 2024
Summary 🌟
In this release, we have improved CSV export functionality, introduced "Show Author" option with separate controls. We also fixed several bugs, including issues with incorrect characters in page names, vulnerabilities in external shares. Additionally, display issues and stability in the comment tab on shared pages were resolved for better user experience.
Improvements
Increased CSV export row limit IMPROVED
We improved the CSV export functionality by increasing the maximum number of rows that can be exported.
Improved “Show Author” Option IMPROVED
In the Customize tab, the “Show Author” option is now split into “Show Avatar” and “Show Author Info”, allowing users to hide avatars but still display the author's name.
Bug Fixes
Fixed incorrect characters in page FIXED
We have fixed an issue where page names in the Activity Tab appeared with incorrect characters, such as "@". Additionally, the dropdown menu was non-functional, preventing users from selecting page suggestions. Both issues have been resolved.
Fixed infinite loading screen FIXED
When users try to export a CSV file from the global settings page, an infinite loading screen appeared. This was fixed and fetching data mechanism was improved.
Fixed external shared link issue FIXED
We addressed a display issue where inserting an external share URL in edit mode would cause the URL window to be cut off. Now, the window is fully visible.
Fixed unstable comment tab on shared pages FIXED
We fixed an issue where the comment tab on shared pages was unsteady. It now loads smoothly, with additional improvements to prevent white flashes when loading the edit view, especially in dark mode.
Fixed vulnerabilities FIXED
We have fixed vulnerability where attackers could regenerate information for external shares.
Fixed an XSS vulnerability where attackers could inject malicious code on the API Key Usage page.
A vulnerability allowing attackers to redirect users to malicious websites through the login URL has been fixed.
Fixed a vulnerability where lower-privileged users could access the activity logs of private space shares.