CVE-2020-15244 and New Release 19.4.8 and 20.0.4

20 Oct 2020 - colinmollenhour

CVE-2020-15244 is our second OpenMage CVE and our first CVE that is wholly independent from Adobe!

This vulnerability was disclosed to us privately from a community member via our HackerOne program and patched in versions 19.4.8 and 20.0.4. Please update to one of these version to receive the patch.

A big thanks to Luke Rogers for submitting the report!