8.1.5
Fix1 Security1Fixes
- Update Password Strength library to the latest version. This fixes discrepancies between the realtime password strength estimation and the enforced password strength.
Security
- Prevent open redirects attacks against the Enforce SSL module. This attack requires spoofing the Host header which requires additional conditions to exploit. Thanks to nlpro for reporting the issue. Read More: https://ithemes.com/?p=84309