CubeCart 6.4.3 Released - Security Updates

[Al Brookbanks]

CubeCart 6.4.3 is now available which contains two important security updates. We strongly recommend upgrading to this version.

Security Issue 1: PHPMailer (Object injection vulnerability). GitHub issue #2866
Security Issue 2: CubeCart Session Fixation. GitHub issue #2870. Many thanks to Piyush Patil for responsible disclosure.

What else is new?
87 other issues have been resolved including:

• What3Words one click setup - Our new partner API integration takes away the need to register for an API key. To enable What3words just check the box in features tab of your stores settings. 
• Language phrases can now be searched. Thanks to @bsmither 
• Products can now have a maximum quantity as well as minimum on add to basket. Thanks to @bsmither
• Email log search filter. Thanks to @bsmither

Release Notes
If you are uncomfortable or not confident upgrading a customised store we can do this for you under our technical support & management service whilst retaining all customisations. If you really can't upgrade please;

1. Delete the classes/PHPMailer folder and replace with the files and folders from 6.4.3
2. Patch the following code changes from GitHub issue #2870.

Download: CubeCart-6.4.3.zip