|
|
|
|
|
This section outlines issues tracked and fixed by the Ipswitch product team for the 2019.2 maintenance and feature release. Not all changes suggested by customers or uncovered in usability testing are tracked as issues or defects. See the What's New section for a broader view of these improvements.
You can also find significant changes and improvements that extend the MOVEit Transfer feature sets, usability, and quality in the What's New.
ID |
Category |
Fixed Issue |
MIDMZ-15307 |
MOVEit Authenticator/MFA |
Fixed an issue for MOVEit Transfer users running/using Duo Authenticator App to sign-on when using mobile-enabled Multi-factor Authentication (MFA). |
MIDMZ-11756 |
Web UI |
Fixed issue where folders were not populating in JavaScript Wizard when run on Internet Explorer. |
MIDMZ-14365 |
Web UI |
Style and spacing issue resolved in the Password section of the User Add page. |
MIDMZ-14437 |
Web UI |
Fixed case where admins of very large deployments experienced a usability issue when very large user (drop down) list did not display in a way that scaled to the very large result set (Settings->Auth Method). |
MIDMZ-14902 |
Web UI |
User with no home folder no longer has a non-functional Home Folder quick link on User Home view. |
MIDMZ-15210 |
Upload |
Fixed a case where JavaScript wizard upload returned Server Error. |
MIDMZ-15296 |
Web UI |
Group and Username field of folder permissions box is now expandable. |
MIDMZ-15071 |
REST API |
Fixed REST API subfolder cleanup capability. |
MIDMZ-15550 |
Web UI |
Fixed an issue where Group Admin did not have permissions to create user if the user did not have a home folder. |
MIDMZ-15584 |
Web UI |
Fixed issue where JSWizard would attempt to upload to user's home folder for users with no home folder. |
MIDMZ-15588 |
Swagger UI |
Upgraded to newer version of Swagger UI with patch for a detected XSS vulnerability. |
MIDMZ-15213/MIDMZ-15190 |
Web UI setting |
Fixed scenario where session timeout did not reset to expected value. |
MIDMZ-15214 |
Web UI |
Fixed a style issue that could obscure Add Access button when Admins used the Folder settings page for the specific case where Max List Count is set to less than the number of users in the Org. |
MIDMZ-16058 |
REST API |
CVE-2020-8612. Fixed a REST API endpoint that did not sanitize input. This could allow an authenticated attacker to execute arbitrary code in a user's web browser. Credit: Alex Kordas |
MIDMZ-16066 MIDMZ-16071 MIDMZ-16069 |
REST API |
CVE-2020-8611. Fixed multiple SQL injection vulnerabilities that could allow an authenticated attacker to gain access to the application database. Depending on the database engine being used, the attacker might be able to execute SQL statements to reduce availability or use exhaustive measures to infer structure and contents of the database and then compromise database elements. Credit: Alex Kordas |