This section outlines issues tracked and fixed by the MOVEit product team for the 2022.0.10 service pack.

ID

Category

Fixed Issue
70162 Security Missing certificate validation in SAML2 library
75426 Server/Security 'Schema version number must be updated' when upgrading Transfer and ignoring custom DB elements.
75595 REST/Security REST API password change mechanism missing enter-prior-password requirement.
75800 Security/Uploader Component: axios-0.21.4 has CVE Vulnerability CVE-2023-45857.
76506 Server/API Better argument handling to prevent sign-on name harvesting using machine interface and Gateway.
76688 Server/Security Input validation of parameter size needed.