10.04.00 Resources (Release Date: 5/24/2022)
Important: If your website is using Shadows, there are required changes you need to make. Review those template changes here.
|Order Processing, edit order, changing the order contents no longer automatically updates the shipping rate.
|Order Processing > Recalculate Shipping Dialog: Trademark Symbol is being displayed as '®'
|Processed By, Created By, and Voided By usernames are output unencoded
|Quoted shipping is not displayed in the Order Recalculate Shipping dialog
|Recalculating shipping charges fails to properly increment / decrement shipping module reference counts
|Insecure direct object reference allows customer addresses to be modified by unathenticated customers
|Affiliate code is output unencoded
|XSS in Purchase Order/Terms
|Manage Quotes > Overlay / Calculate Shipping Dialog: Trademark Symbol is being displayed as '®'
|Quoted shipping using a module other than quote results in a negative discount and adjustment item
|Multitext custom field values are no longer properly CSV encoded
|PRV_Order_Calculate_Charges fails to properly increment / decrement shipping module reference counts
|Multiple places output "invalid_credentials" unencoded - Template Changes Required
|Bask "Undo" link is susceptible to XSS - Template Changes Required
Important: Miva 10.04.00 is marked as a Security release per PCI standards as it has updates to Miva payment modules. Because it is a Security Release, customers have 30 days from its release to update in order to avoid Non-Compliance Fees. Please review our full Non-Compliance Fee Policy Here