changelog updated

889d9881 · Piotr Gawron · b59596b4 · 889d9881
Commit 889d9881 authored Jan 14, 2020 by Piotr Gawron
--- a/CHANGELOG
+++ b/CHANGELOG
+minerva (14.0.7) stable; urgency=high
+  * Bug fix: API allowed to provide malformed plugin url that could be used for
+    xss attack (#1073)
+
+ -- Piotr Gawron <piotr.gawron@uni.lu>  Tue, 14 Jan 2020 17:00:00 +0200
+
 minerva (14.0.6) stable; urgency=medium
  * Bug fix: opening map with no background overlays and search request in url
    provides proper error message (#1046)