This release is rated critical.
We are grateful for Security researchers who disclosed
security issues privately to the Piwik Security Response
team: Elamaran Venkatraman, Egidio Romano and Dmitriy
Shcherbatov. The following vulnerabilities were fixed:
XSS, CSRF, possible file inclusion in older PHP versions
(low impact), possible Object Injection Vulnerability
(low impact).