D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
proc
/
self
/
root
/
proc
/
thread-self
/
root
/
var
/
softaculous
/
fork
/
Filename :
changelog.txt
back
Copy
5.12.0 (2023-07-31) ------------------ Fixed: * Core: Fix redirecting in parseWidget [#3513](https://github.com/forkcms/forkcms/pull/3513) * Core: Make privacy consent dialog scrollable on mobile [#3507](https://github.com/forkcms/forkcms/pull/3507) * Core: Make the old session clean-up method timezone aware [#3511](https://github.com/forkcms/forkcms/pull/3511) * Core: Move the apple touch icon to the theme [#3512](https://github.com/forkcms/forkcms/pull/3512) * Pages: Allow the use of install in a page title [#3533](https://github.com/forkcms/forkcms/pull/3533) * Pages: Skip empty images while copying a page [#3545](https://github.com/forkcms/forkcms/pull/3545) Security: * Core: Fix Open Redirect issue [#3547](https://github.com/forkcms/forkcms/pull/3547) Added: * CLI: Reset password CLI command [#3491](https://github.com/forkcms/forkcms/pull/3491) * Profiles: Autocomplete attributes [#3508](https://github.com/forkcms/forkcms/pull/3508)[#3548](https://github.com/forkcms/forkcms/pull/3548) Changed: * Core: Added PHP8 support and bumped minimum to 7.4 [#3538](https://github.com/forkcms/forkcms/pull/3538) * Core: Switched to symfony 4.4 [#3538](https://github.com/forkcms/forkcms/pull/3538) 5.11.1 (2022-03-24) Fixed: Core: Add missing aria attributes on form errors #3485 Core: Fix adding links on images in ckeditor #3478 Core: Fix database env variables not resolving before checking installed module #3502 Core: Update packages #3500 #3482 #3483 #3489 #3490 #3492 Blog: Fix translation in wordpress import page #3484 Pages: Fix default breadcrumb style #3487 Security: All these security issues require access to the backend before they can be exploited. Core: Fix xss bug in multiple select box #3501 Authentication: Intercept a redirect to a different domain on login using // at the start of the queryparameter #3494 Authentication: Reauthenticate a user after password change to log out other sessions #3493 Blog: Prevent sql injection in the backend through bulk action marking comments as spam #3497 Extensions: Prevent xss in the backend in the theme and module detail page through the description #3499 FormBuilder: Prevent sql injection in the backend through bulk deletion of submitted data #3495 Locale: Prevent sql injection in the backend through export of translations #3498 Tags: Prevent sql injection in the backend through bulk deletion of tags #3496 5.11.0 (2021-10-14) Fixed: Core: Fix array offset error for canonical url in meta #3411 Core: Fix deleting cookies #3440 Core: Fix encoding problem with generating urls #3429 Core: Fixed GenarteUrl to allow Backend Locale #3423 Core: Update packages #3452 #3447 #3448 #3451 #3435 #3437 #3439 #3408 #3427 #3469 #3467 #3465 #3462 #3461 #3459 Core: Update the placeholder image URLs #3463 ContentBlocks: Fix mapping old content blocks when copying pages #3442 Docs: Put code in code block #3407 Docs: Update old screenshots #3210 #3412 Locale: Fixed exporting XML truncated by a few bytes Locale: Fixed truncated locale XML export #3470 MediaLibrary: Fix image preview #3434 MediaLibrary: Fix item preview in the editor #3450 Page: Duplicate page image when copying a page to a different locale #3438 Pages: Revert usertemplates fix since it is broken because of the nex security fixes #3460 Search: Fix search total for short terms #3441 Security: Core: Fix xss issue in spoon form #3453 Core: Prevent CSRF logout in the backend #3471 Core: SpoonLibrary expects the charset to be in lowercase, otherwise some xss protections fail #3455 MediaLibrary: Fix xss in mediaitem type movie id on edit #3406 Added: Core: Add support for Google reCAPTCHA v3 #3409 FormBuilder: Copy forms and their widgets when making a language copy #3445 MediaLibrary: Add support for svg #3424 #3432 Changed: DX: Only run tests once on PR #3468 Test: Minor database optimalisation #3443 5.10.0 (2021-05-16) Fixed: Core: Fix double encoding in spoon library #3400 Core: Fix files not loading on some apache servers #3361 Core: Update packages #3398 #3394 #3386 #3385 #3382 #3364 Blog: Fix broken thumbnail in the backend #3360 Pages: Fix usertemplates #3371 #3365 Security: Authentication: Fix xss in redirect url #3355 #3353 MediaLibrary: Fix xss in media item title #3401 MediaLibrary: Fix xss in video ids #3402 Search: Fix xss in search referrer #3387 Spoon: Fix xss in form input files #3357 Added: Core: Add canonical URL to SEO tab #3188 Core: Add CLI command to install a module #3323 Core: Throw an event when the session id changes #3377 MediaLibrary: Add edit button to media item within a form #3192 MediaLibrary: Added a search box to the media library #3189 Pages: Make it possible to set an id in a usertemplate #3166 Changed: Core: Improve GDPR consent dialog #3372 Github: No codecov annotations in PR's #3378 Github: Upgrade to native dependabot #3384