Thank you @GlennD for the update. My complaint is that Apache has patched the DLL since 2020, and yet in 2024 GoTo is still looking into re-compiling the connector software so the new version DLL is added o the latest version.

This I find unacceptable from security practices perspective. This is one of the easiest vulnerability to remediate yet here I am opening and re-opening tickets,  posting on the community forum, waiting months and vocally pushing for a patch with no ETA except "we are looking into it"

I know this is marked as Resolved but it is not. There is yet any fix to the vulnerability.

Yet another item to add to the risk assessment.  Thank you HZO-GB!

I am getting the run-around with this 4 year old vulnerability. After multiple requests to escalate the case due to security concerns and false closures someone promised to contact the devs. Well, the software is still vulnerable, and the ticket is closed without notification, again.

@GlennD  can you provide an update, and also follow up on my ticket 19744340?

@HZO-GB The fix has been prepared and we are working through the testing and a release plan. This is taking longer as it is for our older platform. Once it has be QA'd and a release date is confirmed I will post an update.