v2.3.10

:pencil2: Changes

- Fixed a security issue in the installer endpoints.
- Fixed a security issue in the customer order reorder functionality.
- Fixed a Server-Side Template Injection (SSTI) vulnerability in the first and last name fields that could be exploited by low-privileged users.
- Refined the Blade tracer to track only view files, ensuring accurate view-level tracing.
- Fixed an SSTI vulnerability in type parameter handling: user input is now properly sanitized and validated to prevent server-side template injection.
- Sanitized product review attachments to prevent stored XSS.
- Sanitized CMS `html_content` during create and update operations to prevent stored XSS vulnerabilities.
- Added validation for external URLs in downloadable product samples to block access to private and reserved IP ranges.
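The `html_content` item above describes sanitizing an HTML field on create and update so that stored content cannot carry script. The following is an added illustration of that kind of allowlist sanitizer, written in Python for this changelog; it is not the project's own code, and the tag, attribute and URL-scheme allowlists are assumptions chosen for the example. Anything not on the allowlist (including every `on*` handler, `<script>`/`<style>` with their contents, and `javascript:` or `data:` URLs) is dropped, and all text is re-escaped on output.

```python
from html import escape
from html.parser import HTMLParser

# Allowlist-based sanitizer for rich-text fields such as a CMS page's
# html_content. Everything not listed here is dropped; text is re-escaped.
# The lists below are assumptions for this example, not the project's own.
ALLOWED_TAGS = {"p", "br", "b", "strong", "i", "em", "u", "ul", "ol", "li",
                "h1", "h2", "h3", "a", "img"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt"}}
VOID_TAGS = {"br", "img"}
SAFE_URL_SCHEMES = {"http", "https", "mailto"}


def is_safe_url(value):
    """Accept relative URLs and http/https/mailto; reject javascript:, data:, etc."""
    if value is None:
        return False
    # Browsers ignore embedded whitespace/control characters ("java\tscript:"),
    # so strip them before looking at the scheme.
    cleaned = "".join(ch for ch in value.strip().lower()
                      if ch.isprintable() and not ch.isspace())
    head = cleaned.split("/", 1)[0].split("?", 1)[0].split("#", 1)[0]
    if ":" not in head:
        return True          # relative URL, no scheme at all
    return head.split(":", 1)[0] in SAFE_URL_SCHEMES


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []          # sanitized output pieces
        self.open_tags = []    # stack of allowed tags currently open
        self.skip_depth = 0    # >0 while inside <script>/<style>: drop content

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return             # drop the tag itself, keep its text content
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue       # drops every on* handler, style, etc.
            if name in ("href", "src") and not is_safe_url(value):
                continue
            kept.append(f' {name}="{escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in self.open_tags:
            return
        # Close everything opened after this tag so the output stays well-formed.
        while self.open_tags:
            closed = self.open_tags.pop()
            self.out.append(f"</{closed}>")
            if closed == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))

    def result(self):
        self.close()
        while self.open_tags:              # close anything left open
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_html(fragment):
    """Return a sanitized copy of an untrusted HTML fragment."""
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    return parser.result()


if __name__ == "__main__":
    # Constructed sample of what an editor with CMS access might submit.
    sample = ('<p>Hi <b>there</b><img src=x onerror=alert(1)>'
              '<a href="javascript:alert(1)">click</a><script>steal()</script></p>')
    print(sanitize_html(sample))
```

HTML comments, processing instructions and declarations are silently dropped by the base parser, and the stack in `open_tags` guarantees well-formed output even for unbalanced input. Run the sanitizer on both create and update paths, as the changelog entry notes, and store the sanitized value rather than sanitizing only at render time, so that a later template change cannot reintroduce the stored payload.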
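The last item above, validation of external sample URLs that blocks private and reserved IP ranges, is the standard mitigation for server-side request forgery. The following added example, written in Python for this changelog and not taken from the project, shows one way to implement that check: the scheme is allowlisted, an IP-literal host is checked directly, and a hostname is resolved and every returned address is checked, so a name that maps to both a public and an internal address is rejected. The resolver is injectable (the `resolver` parameter and the `DEMO_DNS` table are assumptions for the example) so the check can be exercised offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Scheme allowlist is an assumption for this example.
ALLOWED_SCHEMES = {"http", "https"}


def resolve_with_dns(host):
    """Default resolver: every A/AAAA answer for host (needs network access)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_address(addr):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global already excludes RFC 1918, loopback, link-local and CGNAT
    # space; the explicit checks cover multicast and other reserved blocks.
    return ip.is_global and not (ip.is_multicast or ip.is_reserved
                                 or ip.is_loopback or ip.is_link_local
                                 or ip.is_unspecified)


def validate_external_url(url, resolver=resolve_with_dns):
    """Return the URL if every address its host maps to is public; else raise ValueError."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials in URL are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addresses = [str(ipaddress.ip_address(host))]   # IP literal, incl. [v6]
    except ValueError:
        addresses = list(resolver(host))                # hostname: check every answer
    if not addresses:
        raise ValueError(f"host does not resolve: {host!r}")
    for addr in addresses:
        if not is_public_address(addr):
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    return parts.geturl()


def is_safe_external_url(url, resolver=resolve_with_dns):
    """Boolean wrapper around validate_external_url."""
    try:
        validate_external_url(url, resolver)
        return True
    except ValueError:
        return False


# Constructed DNS table so the demo runs offline; 1.2.3.4 stands in for a
# public address and the other entries for internal/link-local answers.
DEMO_DNS = {
    "cdn.example.com": ["1.2.3.4"],
    "intranet.example": ["10.0.0.5"],
    "dual.example.com": ["1.2.3.4", "10.0.0.5"],
    "link-local.example": ["169.254.169.254"],
}


def demo_resolver(host):
    return DEMO_DNS.get(host, [])


if __name__ == "__main__":
    for candidate in ("https://cdn.example.com/sample.pdf",
                      "http://dual.example.com/sample.zip",
                      "http://[::ffff:10.0.0.1]/sample.zip",
                      "ftp://cdn.example.com/sample.zip"):
        print(candidate, "->", is_safe_external_url(candidate, demo_resolver))
```

Two caveats apply when wiring this into a download path. The check resolves the name at validation time, so the fetch must either connect to the addresses that were validated or re-run the check at connect time; otherwise a name whose answer changes between the two steps (DNS rebinding) slips through. The same check must also be applied to every redirect target, since an initially public URL can redirect to an internal one.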
:bug: Bug Fixes

- #11058 - Fixed the speculation issue and resolved the revoke endpoint issue.
- #11053 - Fixed an issue where the custom field price was not converted according to the exchange rate on the product view page.
- #11051 - Fixed a redirection issue that occurred when a product had insufficient quantity.
- #11028 - Fixed an issue where horizontal scrolling caused misalignment of fixed-position elements (Cart/Profile buttons) on the search page.
- #10975 - Fixed validation to ensure the source and target currencies are different when creating exchange rates.