Please disregard the 'View article...' shown at the bottom of many posts as this is the result of restoring old forum posts from a backup.

v2.4.1patch5 released to fix a couple critical issues!

edited September 2017 in Announcements
Hot on the heals of patch #4, this patch fixes a two critical issues in the v2.4.1 patch #4 release (and prior) which may cause some modules with odd source names to disappear such as those added to the flyout sidebars. It also fixes a possible XSS exploit in elFinder (thanks to chengable) We strongly encourage all Exponent installations be upgraded to v2.4.1 as soon as practical! Patch #5 to v2.4.1 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.4.1-patch-5.zip/download

v241patch5 adds these features to v241:
- change default password security to blowfish vs md5
- allow specifying events send_reminders view in url
- add jquery/bootstrap-3 based toggle widget

v241patch5 fixes these issues in v241:
- regression fix (v240) invalidating valid source names made some modules disappear
- fix styling issue with bs3 form designer 'Toggle Designer Grid'
- regression fix with links showall view links if the open new window option was selected
- fix possible xss security issue with elFinder (thanks to chengable)
- fix new socialfeed notes view photos on firefox and opera

v241patch5 updates these 3rd party libraries in v241:
- mediaelement.js to v4.0.6 
Sign In or Register to comment.