2.1 Version

New Features  /Modules

  • Live Chat: improved design, email log, support 3 operators, smiles, hash tags to operate chat from IM;
  • Updates module: create announcement, news or updates of your community shown on home page.

Enhancements

  • Removed requirement of Zend Guard Loader (only commercial packages);
  • Development Licenses: install system wherever you want with dev licenses generated in License Manager;
  • Now if registered user votes for topic, he automatically follows it to receive updates;
  • Categories module: if there is no icon assigned to category, default icon is shown;
  • Files module: brings image upload from local computer in WYSIWYG;
  • WYSIWYG: automatically interpret pasted URLs. New Video Option to insert video from Youtube & Vimeo;
  • Improved Search;
  • Other small enhancements in design and functionality.

Bug Fixes

  • Moderation module: didn't work pagination correctly;
  • Filters on profile didn't work correctly if user was not admin or official representative;
  • Home page featured area search with "/" character inside didn't work;
  • Search Results: filters on new, updated, opular didn't work correctly;
  • Activity Log: special characters in name were shown incorrectly;
  • Mobile Interface: if official answer had attachment, crash report was sent on mobile interface.

Security Fixes

  • Medium Risk: there was risk running automatic system restore from backup from outside system;
  • Medium Risk: ssl cookies & sessions set by application didn't have a secure parameter;
  • Low Risk: after login, upgrade script could be triggered by any user, though without any result;
  • Low Risk: XSS in user profile management;
  • Low Risk: XSS in response management - tags area;

Thanks to guys from Pentesters we've found vulnerabilities and fixed them.

Is article helpful?