August 2024


Security Improvements

  • SigningHub "Upload Library Document" API Server-Side Request Forgery (SSRF) (SHE-45960)
    • The SigningHub "Upload Library Document" function has been updated to remove the file path details from the response to reduce the potential risk of Server-Side Request Forgery (SSRF) attacks.
  • SigningHub Branding CSS Injection (SHE-45960)
    • SigningHub Enterprise branding logic has been improved to prevent the potential use of malicious Cascading Style Sheets (CSS) injection when customizing enterprise branding.