The backend application has been upgraded from Java 8 to Java 17. This upgrade improves performance, long-term support, security, and compatibility with modern libraries.
Bugs
Updated CORS rules to ensure only trusted domains are allowed.
Implemented X-Frame-Options to prevent malicious sites from embedding the application in iframes.
Added the X-Content-Type-Options: nosniff header, which protects against MIME-type confusion attacks.
Restricted script, style, and resource loading to trusted sources, which reduces the risk of XSS and injection-based attacks.
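
One way to apply the four controls listed above in a single response filter, as an added example that is not the application's own code. It uses the JDK's built-in com.sun.net.httpserver so it runs on Java 17 without dependencies; the trusted origin, the DENY framing policy, the allowed methods and the Content-Security-Policy directives (assumed here as the mechanism behind the last item) are assumptions, since the release notes do not state them.

```java
import com.sun.net.httpserver.Filter;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.Set;

// Added example: sets the CORS allow-list and security headers on every response.
public class SecurityHeadersFilter extends Filter {
    // Assumed allow-list; replace with the real trusted front-end origins.
    private static final Set<String> TRUSTED_ORIGINS = Set.of("https://app.example.com");

    @Override
    public void doFilter(HttpExchange ex, Chain chain) throws IOException {
        var out = ex.getResponseHeaders();
        String origin = ex.getRequestHeaders().getFirst("Origin");
        // CORS: echo the origin only on an exact allow-list match; never "*",
        // never a blind reflection of the request header.
        out.add("Vary", "Origin"); // shared caches must key on Origin
        if (origin != null && TRUSTED_ORIGINS.contains(origin)) {
            out.set("Access-Control-Allow-Origin", origin);
            out.set("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
        }
        out.set("X-Frame-Options", "DENY");           // assumed policy: no framing at all
        out.set("X-Content-Type-Options", "nosniff"); // browser must honor Content-Type
        // Assumed CSP: scripts, styles and other resources from the app's own origin only.
        out.set("Content-Security-Policy",
                "default-src 'self'; script-src 'self'; style-src 'self'; "
                + "object-src 'none'; base-uri 'self'; frame-ancestors 'none'");
        // Answer preflight here so it never reaches application handlers.
        if ("OPTIONS".equalsIgnoreCase(ex.getRequestMethod())) {
            ex.sendResponseHeaders(204, -1);
            ex.close();
            return;
        }
        chain.doFilter(ex);
    }

    @Override
    public String description() { return "CORS allow-list and security headers"; }

    public static void main(String[] args) throws IOException {
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 8080), 0);
        var ctx = server.createContext("/", ex -> {
            byte[] body = "ok".getBytes();
            ex.getResponseHeaders().set("Content-Type", "text/plain; charset=utf-8");
            ex.sendResponseHeaders(200, body.length);
            try (var os = ex.getResponseBody()) { os.write(body); }
        });
        ctx.getFilters().add(new SecurityHeadersFilter());
        server.start();
    }
}
```

A request carrying an Origin outside the allow-list still receives the framing, nosniff and CSP headers but no Access-Control-Allow-Origin, so the browser refuses to expose the response to that site.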