MODx 2.5.7-pl
4 May 2017
MODx version 2.5.7-pl is now available.
Upgrading to MODx 2.5.7-pl
MODx 2.5.7-pl can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply MODx updates as new versions are released, or use Installatron's Clone feature to duplicate an existing MODx install to test the 2.5.7-pl upgrade prior to applying it live. Get started managing your MODx installations with Installatron
What's New in MODx 2.5.7-pl
- Try all available methods when attempting to download transport packages [#13419]
- Prevent stored XSS in UserGroup names and various other fields [#13418]
- Prevent user/email enumeration in forgot password feature [#13408]
- Prevent XSS cache poisoning via Host header [#13426]
- Proper use of json_encode and error handling for outputArray() in processors [#13389]
- Prevent reflected XSS in setup [#13424]
- Fix local file inclusion vulnerability in setup action parameter [#13422]
- Fix various local file inclusion preventions to also protect on windows [#13428]
- Remove htaccess from allowed file types on new installations [#13423]
- Prevent stored XSS in resource pagetitle [#13415]
- Make search bar work as expected on Chrome & Firefox [#13405]m