Release notes
Table of contents
- 7.3.9
- 7.4.0-beta.2
- 7.4.0-beta.1
- 7.3.8
- 7.4.0-alpha.2
- 7.3.7
- 7.2.4
- 7.3.6
- 7.2.3
- 7.4.0-alpha.1
- 7.3.5
- 7.3.4
- 7.3.3
- 7.3.2
- 7.3.1
- 7.3
- 7.2.2
- 7.2.1
- 7.2
7.3.9
What’s Changed
- Update filebrowser.cfc by @jimblesphere in #128
- fix empty admin minified JS files
- replace We Are Orange with We Are North (https://www.wearenorth.eu/updates/we-are-north-now-not-orange-heres-why/)
Full Changelog: 7.3.8…7.3.9
7.4.0-beta.2
fixed an issue with empty generated javascript files
7.4.0-beta.1
This is a pre-release version of 7.4 including the follow updates:
- update for the default theme
- new setting showextensionsindefault to show the basic tab extended attributes below the editor
- new search module
- new primarynav module
- new gotofirstchild module
- new nextprevnav module
7.3.8
Bug fixes for:
and CKEditor update to version 4.19.1
7.4.0-alpha.2
This is a pre-release version of 7.4 including the follow updates:
- new Gatted Asset module
- reviewed Navigation module
7.3.7
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a path traversal vulnerability in Masa CMS CVE-2021-42183.
What is fixed ?
The mentioned vulnerability has been fixed.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.2, you should update to version 7.2.4 immediately. This can be done by applying a manual update.
7.2.4
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a path traversal vulnerability in Masa CMS CVE-2021-42183.
What is fixed ?
The mentioned vulnerability has been fixed.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.2, you should update to version 7.2.4 immediately. This can be done by applying a manual update.
7.3.6
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a XSS security vulnerability in the Masa CMS administrator.
What is fixed ?
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.2, you should update to version 7.2.3 immediately. This can be done by applying a manual update.
7.2.3
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a XSS security vulnerability in the Masa CMS administrator.
What is fixed ?
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.2, you should update to version 7.2.3 immediately. This can be done by applying a manual update.
7.4.0-alpha.1
This is a pre-release version of 7.4 including the follow updates:
- updated mura.js to the latest version
- new Button module
- new Info module
- new Media module
- reviewed Form module
- reviewed Image module
- reviewed CTA module
7.3.5
Bug fixes
- bug fixes for
- issue 74
- fixes for integration with s3 in File Browser
7.3.4
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a XSS security vulnerability in the Masa CMS administrator.
What is fixed ?
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.3, you should update to version 7.3.4 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
7.3.3
Bug fixes
- bug fixes for
- issue 75
- JS error when publishing a page with an undefined canonicalurl
- JS error when starting inline editing
7.3.2
Bug fixes
7.3.1
Bug fixes
- Improved extended attributes UI in the content manager
- Adobe ColdFusion compatibility fixes
- Improve customUI tab labels issue 56
- bug fixes for
7.3
New features
- New interface for editing content and components in the Masa CMS Administrator
- New File Browser
- File Browser enabled by default
- Introducing a deprecation warnings module
- Introducing the Masa Scope
- ORM Assembler is now in BETA
- Changed the default theme to MasaBootstrap5
Bug fixes
- Old, unused code from Advertisement Manager removed from codebase
- Fixed a tenacious JavaScript console error
- ORM Scaffolder option list and option values list were incorrectly displayed
Deprecations
- Deprecated Mura Scope and tag
- Deprecated Razuna integration
- Deprecated Simple Forms
- Documented deprecations
- Documented deprecations inherited from Mura 7.1
7.2.2
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a XSS security vulnerability in the Masa CMS administrator.
What is fixed ?
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
What versions are affected?
Masa CMS versions 7.2 and 7.3 are affected.
What should you upgrade ?
If you’re on Masa CMS 7.3, you should update to version 7.3.4 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
7.2.1
Security Vulnerability Fix
What was the issue ?
We’ve been informed of a security vulnerability that allows any user to request files outside the asset folder from the server.
What is fixed ?
We’ve improved the security around the assets API endpoint that is affected, to validate that the user can only request assets from the assets folder. In the process we’ve also applied restrictions to the asset upload endpoint, so that only logged in editors can upload assets.
What versions are affected?
Only Masa CMS version 7.2 is affected
What should you upgrade ?
If you’re on Masa CMS 7.2, you should update to version 7.2.1 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
7.2
Mura CMS becomes Masa CMS
- Renamed Mura CMS to Masa CMS
- Replaced Mura CMS logo’s with Masa CMS logo’s
- Removed Mura CMS contributor agreement
- Removed obsolete Docker config
- Removed CKFinder license
- Bugfixes
New features
- Setting for enabling/disabling File Manager, disabled by default
- New image upload in CKEditor, without using CKFinder