Tracks 2.7.1 can be downloaded here.

This release fixes a few reflected XSS vulnerabilities (CVE-2024-41805) which enabled execution of malicious JavaScript in the context of a user’s browser if that user clicks on a malicious link, possibly allowing retrieval or modification of the current user’s data. The issue is of moderate severity (score 6.1/10) with the CVSS rating CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Upgrade instructions can be found in the manual.