News items tagged with "bugs"
This version, code-named 'Limited Lockdown' fixes many security issues in all previous versions and adds screen reader (accessibility) support. We strongly encourage all Exponent installations be upgraded to v2.4.0 as soon as practical! (read more)
There are several security vulnerabilities in all versions of Exponent 2.x found in September and October, 2016, reported by a number of individuals including:Manuel Garcia Cardenas, the PKAV TEAM, fyth, felixk3y, DM_, obfusor, xiaoL, ylgaaaaa, Tomato, wooeast, and xiojunjie, These vulnerabilities could allow possible SQL injections, remote file exploits, RCE, XSS, changes to configurations, and other issues. They have been present in all versions of Exponent (2.x). The fix is: (read more)
This patch fixes several issues in the v2.3.9 release. It also provides several tweaks and new features including a 'fill screen' feature for the elFinder file manager, though the main focus is providing several security fixes. Patch #1 to v2.3.9 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.3.9-patch-1.zip/download (read more)
This version, code-named 'Sultry Summer' fixes many issues in the previous version(s) and adds several new features. There is a new dynamic drag-n-drop form designer for Twitter Bootstrap 3 based themes which greatly speeds up form design. It also provides much better support for small devices when using a Twitter Bootstrap 3 based theme. Other major include: (read more)