Security Patch Released affecting 10.02.xx through 10.05.xx

Jun 15, 2015 An update was released that all venues should installed immediately. Venues that auto-update already have the change in place.


A way was found to show the name and address of a random patron who was not in your household via the account tab in web sales. No other data could ever be displayed (passwords and PCI information were never at risk). The worst possible outcome is that somebody, if they knew about the issue, could look up a name that they could find in the phonebook.

The issue was identified on Monday morning and a fix was auto-deployed by late afternoon the same day. Versions affected were TM 10.02, 10.03, 10.04, and 10.05 and a separate patch was issued for each version.