Edit File by line

5.12.0 (2023-07-31)

[0] Fix | Delete

------------------

[1] Fix | Delete

[2] Fix | Delete

Fixed:

[3] Fix | Delete

* Core: Fix redirecting in parseWidget [#3513](https://github.com/forkcms/forkcms/pull/3513)

[4] Fix | Delete

* Core: Make privacy consent dialog scrollable on mobile [#3507](https://github.com/forkcms/forkcms/pull/3507)

[5] Fix | Delete

* Core: Make the old session clean-up method timezone aware [#3511](https://github.com/forkcms/forkcms/pull/3511)

[6] Fix | Delete

* Core: Move the apple touch icon to the theme [#3512](https://github.com/forkcms/forkcms/pull/3512)

[7] Fix | Delete

* Pages: Allow the use of install in a page title [#3533](https://github.com/forkcms/forkcms/pull/3533)

[8] Fix | Delete

* Pages: Skip empty images while copying a page [#3545](https://github.com/forkcms/forkcms/pull/3545)

[9] Fix | Delete

[10] Fix | Delete

Security:

[11] Fix | Delete

* Core: Fix Open Redirect issue [#3547](https://github.com/forkcms/forkcms/pull/3547)

[12] Fix | Delete

[13] Fix | Delete

Added:

[14] Fix | Delete

* CLI: Reset password CLI command [#3491](https://github.com/forkcms/forkcms/pull/3491)

[15] Fix | Delete

* Profiles: Autocomplete attributes [#3508](https://github.com/forkcms/forkcms/pull/3508)[#3548](https://github.com/forkcms/forkcms/pull/3548)

[16] Fix | Delete

[17] Fix | Delete

Changed:

[18] Fix | Delete

* Core: Added PHP8 support and bumped minimum to 7.4 [#3538](https://github.com/forkcms/forkcms/pull/3538)

[19] Fix | Delete

* Core: Switched to symfony 4.4 [#3538](https://github.com/forkcms/forkcms/pull/3538)

[20] Fix | Delete

[21] Fix | Delete

5.11.1 (2022-03-24)

[22] Fix | Delete

[23] Fix | Delete

Fixed:

[24] Fix | Delete

[25] Fix | Delete

Core: Add missing aria attributes on form errors #3485

[26] Fix | Delete

Core: Fix adding links on images in ckeditor #3478

[27] Fix | Delete

Core: Fix database env variables not resolving before checking installed module #3502

[28] Fix | Delete

Core: Update packages #3500 #3482 #3483 #3489 #3490 #3492

[29] Fix | Delete

Blog: Fix translation in wordpress import page #3484

[30] Fix | Delete

Pages: Fix default breadcrumb style #3487

[31] Fix | Delete

[32] Fix | Delete

Security:

[33] Fix | Delete

[34] Fix | Delete

All these security issues require access to the backend before they can be exploited.

[35] Fix | Delete

[36] Fix | Delete

Core: Fix xss bug in multiple select box #3501

[37] Fix | Delete

Authentication: Intercept a redirect to a different domain on login using // at the start of the queryparameter #3494

[38] Fix | Delete

Authentication: Reauthenticate a user after password change to log out other sessions #3493

[39] Fix | Delete

Blog: Prevent sql injection in the backend through bulk action marking comments as spam #3497

[40] Fix | Delete

Extensions: Prevent xss in the backend in the theme and module detail page through the description #3499

[41] Fix | Delete

FormBuilder: Prevent sql injection in the backend through bulk deletion of submitted data #3495

[42] Fix | Delete

Locale: Prevent sql injection in the backend through export of translations #3498

[43] Fix | Delete

Tags: Prevent sql injection in the backend through bulk deletion of tags #3496

[44] Fix | Delete

[45] Fix | Delete

5.11.0 (2021-10-14)

[46] Fix | Delete

[47] Fix | Delete

Fixed:

[48] Fix | Delete

[49] Fix | Delete

Core: Fix array offset error for canonical url in meta #3411

[50] Fix | Delete

Core: Fix deleting cookies #3440

[51] Fix | Delete

Core: Fix encoding problem with generating urls #3429

[52] Fix | Delete

Core: Fixed GenarteUrl to allow Backend Locale #3423

[53] Fix | Delete

Core: Update packages #3452 #3447 #3448 #3451 #3435 #3437 #3439 #3408 #3427 #3469 #3467 #3465 #3462 #3461 #3459

[54] Fix | Delete

Core: Update the placeholder image URLs #3463

[55] Fix | Delete

ContentBlocks: Fix mapping old content blocks when copying pages #3442

[56] Fix | Delete

Docs: Put code in code block #3407

[57] Fix | Delete

Docs: Update old screenshots #3210 #3412

[58] Fix | Delete

Locale: Fixed exporting XML truncated by a few bytes

[59] Fix | Delete

Locale: Fixed truncated locale XML export #3470

[60] Fix | Delete

MediaLibrary: Fix image preview #3434

[61] Fix | Delete

MediaLibrary: Fix item preview in the editor #3450

[62] Fix | Delete

Page: Duplicate page image when copying a page to a different locale #3438

[63] Fix | Delete

Pages: Revert usertemplates fix since it is broken because of the nex security fixes #3460

[64] Fix | Delete

Search: Fix search total for short terms #3441

[65] Fix | Delete

[66] Fix | Delete

Security:

[67] Fix | Delete

[68] Fix | Delete

Core: Fix xss issue in spoon form #3453

[69] Fix | Delete

Core: Prevent CSRF logout in the backend #3471

[70] Fix | Delete

Core: SpoonLibrary expects the charset to be in lowercase, otherwise some xss protections fail #3455

[71] Fix | Delete

MediaLibrary: Fix xss in mediaitem type movie id on edit #3406

[72] Fix | Delete

[73] Fix | Delete

Added:

[74] Fix | Delete

[75] Fix | Delete

Core: Add support for Google reCAPTCHA v3 #3409

[76] Fix | Delete

FormBuilder: Copy forms and their widgets when making a language copy #3445

[77] Fix | Delete

MediaLibrary: Add support for svg #3424 #3432

[78] Fix | Delete

[79] Fix | Delete

Changed:

[80] Fix | Delete

[81] Fix | Delete

DX: Only run tests once on PR #3468

[82] Fix | Delete

Test: Minor database optimalisation #3443

[83] Fix | Delete

[84] Fix | Delete

5.10.0 (2021-05-16)

[85] Fix | Delete

[86] Fix | Delete

Fixed:

[87] Fix | Delete

[88] Fix | Delete

Core: Fix double encoding in spoon library #3400

[89] Fix | Delete

Core: Fix files not loading on some apache servers #3361

[90] Fix | Delete

Core: Update packages #3398 #3394 #3386 #3385 #3382 #3364

[91] Fix | Delete

Blog: Fix broken thumbnail in the backend #3360

[92] Fix | Delete

Pages: Fix usertemplates #3371 #3365

[93] Fix | Delete

[94] Fix | Delete

Security:

[95] Fix | Delete

[96] Fix | Delete

Authentication: Fix xss in redirect url #3355 #3353

[97] Fix | Delete

MediaLibrary: Fix xss in media item title #3401

[98] Fix | Delete

MediaLibrary: Fix xss in video ids #3402

[99] Fix | Delete

Search: Fix xss in search referrer #3387

[100] Fix | Delete

Spoon: Fix xss in form input files #3357

[101] Fix | Delete

[102] Fix | Delete

Added:

[103] Fix | Delete

[104] Fix | Delete

Core: Add canonical URL to SEO tab #3188

[105] Fix | Delete

Core: Add CLI command to install a module #3323

[106] Fix | Delete

Core: Throw an event when the session id changes #3377

[107] Fix | Delete

MediaLibrary: Add edit button to media item within a form #3192

[108] Fix | Delete

MediaLibrary: Added a search box to the media library #3189

[109] Fix | Delete

Pages: Make it possible to set an id in a usertemplate #3166

[110] Fix | Delete

[111] Fix | Delete

Changed:

[112] Fix | Delete

[113] Fix | Delete

Core: Improve GDPR consent dialog #3372

[114] Fix | Delete

Github: No codecov annotations in PR's #3378

[115] Fix | Delete

Github: Upgrade to native dependabot #3384

[116] Fix | Delete

[117] Fix | Delete