FreeScout Helpdesk Files

Security * Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option in ConversationPolicy.php * Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option when changing conversation subject. * Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option when following or unfollowing conversation. * Take into account APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS option on customer Conversation tab. * Take into account APP_LIMIT_USER_CUSTOMER_VISIBILITY option on customer profile page. * Do not allow to change user password inprofileSave() function. * Fixed UserPolicy.php update method. * Do not allow regular users change other users emails when PERM_EDIT_USERS enabled. * Limit fields which can be updated on mailbox Settings and Auto Reply pages. * Limit fields which can be updated during user creation. * Check language name when deleting a language from Translate page. * Limit fields which can be updated in OpenController userSetupSave() function. * Limit fields which can be updated during updating of a customer. * Remove also unclosed restricted tags in Helper::stripDangerousTags() function. * Escape customer name in the customer updated flash message. * Escape company name displayed in the "Welcome to Company" flash message. * Strip dangerous tags when publishing translations. * Strip dangerous tags in /system/ajax-html/job_details/ modal. * Sanitize name field when creating a mailbox.

Fixed * Fixed German translation (#4776) * Fixed CSP issue when embedding an iframe (#4777) * Make setCookie() function cross-browser in main.js (#4793) * Set same_site back to null in session config (#4769)