XSS fixes, QR code support for topic ID
Server
c9db911 Instructions on creating a private installation
33d75b0 Update golang.org/x/crypto to v0.17.0 (CVE-2023-48795)
f19ab26 6aca44a 474fe78 a9cf71b Security fixes: make sure CSRF and XSS-exploitable user attachments are always downloaded instead of shown inline. Thanks Aleksandr Mironov (www.ptsecurity.com)
iOS
QR Code for topic ID
https://github.com/tinode/ios/releases/tag/v1.22.12
Android
QR Code for topic ID, bug fixes
https://github.com/tinode/tindroid/releases/tag/v0.22.12
Webapp
Fix for image downloads, QR Code display
https://github.com/tinode/webapp/releases/tag/v0.22.12
JS-SDK
Bug fix
https://github.com/tinode/tinode-js/releases/tag/v0.22.12