A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.
AI OnAI Off
A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.
The CMS displays an incorrect Last login date/time for users because the CMS API appears to convert LastLoginDate to UTC even though the value is already stored in UTC in the database. This results in the displayed time being shifted (e.g., -2 hours).
I'm able to reproduce this bug easily.
When user logs in, their last login date is saved to database as UTC time.
The issue is that their last login date is shown as UTC time in the CMS:
The bug seems to originate from "/EPiServer/EPiServer.Cms.UI.Admin/users/GetUser?userName=bug" API which subtracts 2 hours from the last login (suggesting that this API treats already UTC time as local time):
CMS version: 12.34.1