We've released a new maintenance update for PivotX. This release fixes a minor security-issue, so it is a recommended upgrade for all PivotX 2.x websites. For former security related issues and patches, see the page dedicated to Security issues.
These are the changes since PivotX 2.3.9:
- Properly escape user-controlled variables in the file explorer. (XSS)
- Moblog fixes - debugging and handling of mails with images from the default iphone mail app.
- Updated TinyMCE to 3.5.11
- Strip HTML tags the the request variable "px_message". Thx, Waledac Oxana!
- Wrong domain for session cookie if the web server is running on a non-standard port.
The PivotX 2.3.10 release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer.tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.