# 3.0.13

# Overview

This security release resolves an XSS vulnerability in the Framework.

## Security

 * 2015-03-20 [bdef4fc](https://github.com/silverstripe/sapphire/commit/bdef4fc) Fixed XSS vulnerability relating to rewrite_hash (Christopher Pitt) - See announcements [ss-2014-015](http://www.silverstripe.org/software/download/security-releases/ss-2014-015-ie-requests-not-properly-behaving-with-rewritehashlinks), [ss-2015-009](http://www.silverstripe.org/software/download/security-releases/ss-2015-009-xss-in-rewritten-hash-links)

## Changelog

 * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.13)
 * [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.0.13)
 * [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.0.13)