Release 1.1.0

Release Date: 22/09/2023

eSign Portal may require additional licensing

Key features

Time Partitioning

Enhance your data analytics experience by effortlessly organizing information in time frames. With 'Time Partitioning', you have the flexibility to group your analytical data by year, month, day, or even hour.
This feature empowers you to gain valuable insights, make informed decisions, and harness the potential of time-based analysis.

timepartition
Figure 1. Dashboard of current year partitioned by 'Month'

Widget Fullscreen Mode

Every widget can now effortlessly transition to fullscreen mode. This enhancement significantly improves the readability and simplifies navigation through your analytics data. Enjoy a more immersive and user-friendly experience as you explore your insights.

Click on the 'settings' button of a widget and select 'Expand widget':

fullscreen 1

The widget will than be expanded to fullscreen mode:

fullscreen 2

Some widgets even change the way data is presented in fullscreen to include additional information.

Document Types

Introduced the capability to easily filter your analytics information by document type. This feature provides you with precise control over your data, allowing you to focus on the insights that matter most to you.
Streamline your analytics experience and gain deeper insights about each type of document signed in eSign.

documenttype
Figure 2. Filtering by Document Type

Support for SSO Authentication

Now, you can effortlessly log in to the eSign Portal using your organization’s credentials.

eSign Portal introduces integration with SAML2.0 specification, boosting security.

sso
Figure 3. Single Sign-On login

See how to configure here.

Show Cumulative Usage

You can now track your cumulative usage of submitted documents per month, providing you with valuable insights into the growth of your eSign usage.
Gain a clearer understanding of your business evolution and make informed decisions as you monitor your submitted documents over time.

submittedsdocs
Figure 4. Submitted documents over a year

Features

  • Added time range limits to protect against large data sets.

  • Introduced default filter of 'current year' in the dashboard.

  • Added pagination of data inside widgets when the number of entries exceed the available widget side.

  • Improved tooltips to present more detail about the information being hovered.

  • Lookup analytics for specific document types with autocomplete.

Security Vulnerabilities

Known vulnerabilities

Dependency Severity Vulnerability Description

snakeyaml.jar

CRITICAL

CVE-2022-1471

SnakeYaml’s Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution.

okio-2.8.0.jar, okio-jvm-3.2.0.jar

HIGH

CVE-2023-3635

GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer.

Whitelisted vulnerabilities

Dependency Vulnerability Description

h2

CVE-2022-45868
CVE-2018-14335

These vulnerabilities only affect H2 databases, which are intended for demo purposes only and should not be used in production environments

jackson-databind

CVE-2023-35116

"The vendor’s perspective is that the product is not intended for use with untrusted input."
https://nvd.nist.gov/vuln/detail/CVE-2023-35116

jetty-http

CVE-2023-40167

At the date of the release the provider had not provided any fix for the vulnerability.
Additionally, the CVE description states that: "There is no known exploit scenario".

spring-web

CVE-2016-1000027

Spring dismissed this CVE:

"The vendor’s position is that untrusted data is not an intended use case. The product’s behavior will not be changed because some users rely on deserialization of trusted data."
https://nvd.nist.gov/vuln/detail/CVE-2016-1000027