tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity
a6f794c3b9
silverstripe-framework/docs/en/changelogs/rc/3.0.9-rc1.md
Ingo Schommer a6f794c3b9 Added 3.0.9-rc1 changelog
2014-02-19 15:20:24 +13:00

862 B
Raw Blame History

3.0.9-rc1 (2014-02-19)

Overview

  • Security: Require ADMIN for ?flush=1&isDev=1 (SS-2014-001)
  • Security: XSS in third party library (SWFUpload) (SS-2014-002)
  • Security: SiteTree.ExtraMeta allows JavaScript for malicious CMS authors (SS-2014-003)

Upgrading

SiteTree.ExtraMeta allows JavaScript for malicious CMS authors

If you have previously used the SiteTree.ExtraMeta field for <head> markup other than its intended use case (<meta> and <link>), please consult SS-2014-003.