Donnerstag, 01 Februar 2018

Update des JCE (Joomla Content Editor) - Version 2.6.25 und 2.6.26

geschrieben von

Am 31.01.2018 wurde das Security-Update für den Joomla Content Editor (JCE) auf die Version 2.6.26 als Teilkorrektur für die Version 2.6.25 veröffentlicht.

Nachstehende Änderungen aus dem offiziellen Changelog zur Version 2.6.26

2.6.26 is a security release.

The decision to include support for svg files by default in JCE 2.6.25 was unfortunately not well thought through. It has been brought to my attention that there is the potential for svg files to be used to execute cross-site scripting attacks, due to the fact that they are essentially a form of xml file. Although the method by which they would be embedded using the Image Manager, with the <img> tag, prevents scripts from being executed, it would be safer to restrict the option of allowing svg files to be user defined.

 

Nachstehende Änderungen aus dem offiziellen Changelog zur Version 2.6.25

  • Added: Support for svg files as an image filetype.
  • Added: Header, Footer and Nav block elements added to the Format list.
  • Changed: Revert to using images for Visual Blocks labels.
  • Fixed: Images in tables could not be selected if the table was right-aligned.
  • Fixed: Numbers in a list style, eg: 23. 24. etc. in unordered lists were removed when pasting from Word.
  • Fixed: Copy/Cut and Paste of editor content would sometimes include incorrect formatting.
  • Fixed: Copy/Cut of images in the editor that included a link would paste without the link.
Gelesen 4008 mal Letzte Änderung am Donnerstag, 01 Februar 2018
ANDweb

Webdesign Agentur in Wiesbaden
Inh. Ulrich Anders
Kontakt

nach
oben