/
Release notes 11.1.4

Release notes 11.1.4

Release dateJan 5, 2026

Our team is thrilled to announce the latest release of SQL for Confluence, version 11.1.4.

Contents

Contents

Security fixes

Bug fixes

  • Security enhancements: Fixed XSS, remote code execution vulnerability (RCE) and added CSRF protection

 

Security Improvements

Enhanced JDBC Driver JAR Download Security

To prevent potential security risks, the plugin now restricts JDBC driver JAR downloads to trusted repositories only. When configuring database connections using HTTPS URLs, only the following trusted domains are permitted:

 

  • jdbc.postgresql.org

  • repo1.maven.org

  • central.maven.org

  • http://maven.apache.org

  • http://dev.mysql.com

  • http://download.microsoft.com

  • http://oracle.com

  • http://search.maven.org

  • mvnrepository.com

 

What this means for users:

  • HTTP URLs for JDBC driver JARs are no longer allowed (HTTPS only)

  • HTTPS URLs must be from one of the trusted repositories listed above

  • Local file paths and relative paths continue to work as before

  • This change helps ensure that only verified, legitimate JDBC drivers are loaded

Questions and feedback

  • Explore exciting features, pricing updates, reviews, and more on the Marketplace.

  • Stuck with something? Raise a ticket through our support portal.

  • Do you love using our app? Let us know what you think here.

Credits

Thank you to our valued customers! Your incredible support and feedback inspire us to improve continuously. We appreciate your trust in SQL for Confluence!

Need support? Create a request with our support team.

Copyright © 2005 - 2025 Appfire | All rights reserved.