TL;DR
🔒 This is a security release!
Fixes the following vulnerabilities:
- Potential Cross Site Scripting (XSS) via the "Province" field in the Checkout and Address Book
- Potential Cross Site Scripting (XSS) via the "Name" field (Taxons, Products, Options, Variants) in the Admin Panel
Details
- #16176 [Maintenance][AbstractStateMachine] Add Sylius logo to readme (@Wojdylak)
- #16179 [Documentation] Update release cycle and PR template (@GSadee)
- #16190 Fix products grid (@kulczy)
- #16196 Fix product review validation's notInRangeMessage (@mpysiak)
- #16226 Remove unneeded placeholder from zone's scope select (@TheMilek)
- #16241 [Security] Fixes for potential XSS in the Checkout, Address Book and Admin Panel (@GSadee)
- #16232 [Maintenance] Update docker docs (@Wojdylak)
- #16233 Add wider support for deprecation contract (@Jibbarth)
Full Changelog: v1.13.0...v1.13.1