Revolution 2.2.11—Security Fixes and Prevent Change Loss

by Jay Stephen Gilmore

Published on January 21, 2014

Revolution 2.2.11 was released today. It includes two security fixes including one affecting the phpThumb library that ships with Revo. In addition, it eliminates a bug that appeared in Google Chrome 32 and adds an alert notifying users to confirm navigation to prevent losing unsaved changes.

As this release contains security fixes, we recommend upgrading all your sites. If you’re using MODX Cloud, this just takes a couple clicks.

2.3 is coming and we’ll have an update on what we’ve been up to, soon.

Here are the highlights of changes in the 2.2.11 release:

  • Update phpThumb to 1.7.11-beta to close security vulnerability
  • Prevent XSS on actionVar in header.tpl in the Manager
  • Eliminate unwanted “confirm navigation” alerts in Chrome 32+
  • Added intentional “confirm navigation” to prevent loss of unsaved changes
  • Fix caching of manager menus. Until now, they may not have been ever cached
  • For more details, read the complete changelog

Here’s what you need to get started or upgrade to MODX Revolution 2.2.11:

We highly recommend keeping your software up-to-date. If you need help upgrading your site, please contact your website builder or contact a MODX Professional.

MODX is only as good as it is because of many individual community members and users that take the time to report issues and request new features. Make sure you read the documentation, post feedback and share your successes in the MODX community forums.

On behalf of the entire MODX Team,

Millions Rely on MODX

In 2005, MODX could power a fully mobile-responsive website using HTML5 and CSS3, even though those technologies weren’t invented yet. And with MODX today, you’re ready not only for what you need now but also what comes next.

Try MODX Right Now