4.0.13
We released a maintenance update for Admidio 4.0 that will address some security relevant issues. So if you don't want to update to version 4.1 you should do an update to 4.0.13.
The following issues have been fixed:
#1138 Url within menu entry could be used to execude javascript
#1144 XSS possible within profile fields that contains urls
#1146 Call of not initialized variable in groups_roles.php
#1148 URL within menu module could not be relative anymore
#1159 Url could contain Javascript that leeds to XSS
We recommend you to read our announcements for version 4.0 if you have not done before.
If you are new to Admidio and want to install it on your webpage than the following wikipage could help: Install Admidio
The following wiki pages maybe interesting on an Update: Update Admidio