Verj.io V5.12.0 released

#1

The introduction of three Media Controls:
- Audio Control – used to embed audio content onto a page.
- Video Control – used to embed video content onto a page.
- IFrame Control – used to embed HTML content into the current page.
Upgraded to support Java 17.
JavaScript API documentation included with the Verj.io reference documentation. This is accessible from the Verj.io Studio Help menu.

Security Fixes in V5.12.0:

Upgrade to tomcat 9.0.69 that fixes:
- CVE-2022-34305 - The Form authentication example in the examples web application displayed user provided data without filtering, exposing an XSS vulnerability.
- CVE-2022-42252 - If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (not the default), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
Commons Texts updated to 1.10.0 that fixes:
- CVE-2022-42889 - Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded.
Configure X-Frame-Options HTTP response header to indicate whether or not a browser should be allowed to render a Frame, IFrame, Embed or Object HTML elements.
Verj.io Service Plans and On-Premises environments can restrict access to known Verj.io Studios by configuring a Whitelist in their respective Administration Applications. This Whitelist replaces the Whitelist previously used to restrict deployment.
Upgrade Apache HTTP Client 4.5.12 to HTTP Client 5.2.

Release notes and installation instructions:
See the V5.12.0 Readme

Community Forum