# CiviCRM 5.64.4
Released September 6, 2023
- **[Synopsis](#synopsis)**
- **[Security advisories](#security)**
- **[Bugs resolved](#bugs)**
- **[Credits](#credits)**
- **[Feedback](#feedback)**
## Synopsis
| *Does this version...?* | |
| --------------------------------------------------------------- | -------- |
| Change the database schema? | no |
| Alter the API? | no |
| Require attention to configuration options? | no |
| **Fix problems installing or upgrading to a previous version?** | **yes** |
| Introduce features? | no |
| **Fix bugs?** | **yes** |
| **Fix security vulnerabilities?** | **yes** |
## Security advisories
* **[CIVI-SA-2023-07](https://civicrm.org/advisory/civi-sa-2023-07-smarty-math-rce): Smarty Math RCE**
* **[CIVI-SA-2023-08](https://civicrm.org/advisory/civi-sa-2023-08-kcfinder-xss): KCFinder XSS**
* **[CIVI-SA-2023-09](https://civicrm.org/advisory/civi-sa-2023-09-getfields-sqli): GetFields SQLI**
* **[CIVI-SA-2023-10](https://civicrm.org/advisory/civi-sa-2023-10-multiple-potential-sqli): Multiple Potential SQLI**
* **[CIVI-SA-2023-11](https://civicrm.org/advisory/civi-sa-2023-11-select2-xss): Select2 XSS**
* **[CIVI-SA-2023-12](https://civicrm.org/advisory/civi-sa-2023-12-jquery-validation-dos): jQuery Validation DoS**
* **[CIVI-SA-2023-13](https://civicrm.org/advisory/civi-sa-2023-13-survey-xss): Survey XSS**
* **[CIVI-SA-2023-14](https://civicrm.org/advisory/civi-sa-2023-14-contact-image-csrf): Contact Image CSRF**
* **[CIVI-SA-2023-15](https://civicrm.org/advisory/civi-sa-2023-15-civievent-xss): CiviEvent XSS**
## Bugs resolved
* **_Custom Data_: Failure processing "File" field ([#27290](https://github.com/civicrm/civicrm-core/pull/27290))**
* **_Upgrader_: Failure handling "civicrm_job_log" if there are orphaned records ([#27310](https://github.com/civicrm/civicrm-core/pull/27310))**
## Credits
This release was developed by the following authors and reviewers:
Uepal - Jean-Marie Heitz; Third Sector Design - Kurund Jalmi, William Mortada; RIPS
Technologies - Dennis Brinkrolf; Ranjit Pahan; JMA Consulting - Seamus Lee; Dave D;
CiviCRM - Coleman Watts, Tim Otten; BrightMinded Ltd - Bradley Taylor; Artful Robot - Rich
Lott
## Feedback
These release notes are edited by Tim Otten and Andie Hunt. If you'd like to
provide feedback on them, please login to https://chat.civicrm.org/civicrm and
contact `@agh1`.