Security Notice: Closing an Exponent Security Vulnerability Exponent CMS Forums Back Up!

Patch #3 Released for V2.3.7

Saturday, January 23, 2016 Tags: patch, release, bugs

This patch fixes several issues in the v2.3.7 release and v2.3.7 patch #1 and patch#2. It also provides several tweaks and even some new features. The main fix is for a security vulnerability using malformed arrays. It also provides some regression fixes to the text module inline-edit view(s). It must be noted that this patch will (again) break any custom text module view templates using in-place editing. This patch adds a couple new features to Twitter Bootstrap 3 based themes in the form of a new date/time picker widget, and a new photoalbum slideshow/carousel widget. There are a few other tweaks and fixes found in this patch. Unlike previous patches, this patch file also includes all the 'installation' files in the event you secured your site by deleting or renaming the /install folder. Patch #3 to v2.3.7 is found at http://sourceforge.net/projects/exponentcms/files/exponent-2.3.7-patch-3.zip/download

v237patch3 adds these features to v237, v237patch1, and v237patch2:
- a better 'read more' implementation for summarized text
- implements a twitter bootstrap 3 based date/time picker widget
- implements a new slideshow/carousel for bootstrap 3 photoalbum (Owl Carousel 2)
- now allows optional image and author selection per podcast/rss feed
- an autosave feature to wysiwyg editors to help recover from page crashes

v237patch3 fixes these issues in v237, v237patch1, and v237patch2:
!!! Security fix for vulnerability using malformed associative arrays
!!! Regression fix possible save/delete action permissions issue using text module inline edit view
!!! THIS FIX BREAKS EXISTING CUSTOM TEXT SHOWALL INLINE (EDIT) VIEWS
- better implementation of setting (new) file/folder permissions (2 new optional upgrade scripts to assist)
- some faq module views and styles were broken
- simplifies .htaccess file

v237patch3 updates these 3rd party libraries in v237, v237patch1, and v237patch2:
- TimyMCE editor to v4.3.3
- easypost library to v3.0.1
- jQuery to v1.12.0 & v2.2.0, w/ migrate to v1.3.0
- bootstrap-dialog to v1.34.9
- elFinder to v2.1.6

Security Notice: Closing an Exponent Security Vulnerability Exponent CMS Forums Back Up!

Join the Exponent Community
: Like Exponent CMS on Facebook; Follow Exponent CMS on Twitter

Forum Activity

Jan 01, 2024 @ 06:24 PM by dleffler v3.0.1patch3 released to update v3.0.0rc1/v3.0.1patch1 | Announcements
Jan 01, 2024 @ 06:22 PM by dleffler v2.7.1patch2 released to fix anomalies with v2.7.1 release | Announcements
May 31, 2023 @ 08:52 PM by dleffler v3.0.1patch2 released to update v3.0.0rc1/v3.0.1patch1 | Announcements
May 31, 2023 @ 08:50 PM by dleffler v2.7.1patch1 released to fix anomalies with v2.7.1 release | Announcements
Mar 07, 2023 @ 07:41 PM by dleffler v3.0.1patch1 released to update v3.0.0rc1 to v3.0.1 and fix anomalies with that release | Announcements
Mar 07, 2023 @ 07:14 PM by dleffler v2.7.1patch1 released to fix anomalies with v2.7.1 release | Announcements

File a Bug Report

Help Improve Exponent

Who Did This?

Exponent CMS is written and maintained by Online Innovative Creations (OIC Group, Inc.), a Peoria web design and development company. OIC Group, Inc. specializes in a wide range of web-based solutions for enterprise-level organizations and local businesses in Peoria. Learn more about this Peoria web design company. Spanning from custom website design and development to local SEO and social media marketing, OIC Group, Inc. is full-service web marketing firm that offers a wealth of solutions.

As the creator of Exponent CMS, OIC Group, Inc. offer fully-custom web design and development programs. To view examples of the company's work, visit the local website design portfolio to see both local and enterprise-level websites that OIC has created. In addition to search engine friendly websites, other specialties of OIC Group, Inc. include website optimization, conversion rate optimization, social media marketing, PPC advertising and Google Ads, local SEO and ecommerce SEO services.

If you're looking for ways to improve the potential of your Exponent CMS website, connect with Exponent CMS on Google+. To stay abreast various ways to better optimize your Exponent CMS website, follow OIC Group web design on Facebook.