- Generic SMTP Server support has been added to the Mail Delivery options.
- A quick link for viewing a user's audit trail when editing them has been added.
- Quick links to toggle between editing a Setting's value and configuration have been added.
- TinyMCE has been updated to 4.6.5.
- The 404 Manager now supports multi-domain sites.
- Fixed empty folder names being able to be created in the File Manager
- Fixed attempting to logout on the front-end of the site throwing a CSRF error.
- Fixed attempting to view an audit trail through the overflow menu shortcut throwing a CSRF error.
- Fixed phtml/pht files are no longer allowed file types to be uploaded to the File Manager as they are a security risk on some systems. (thanks xkfxkf)
- Fixed unlocking pages being vulnerable to a CSRF attack. (thanks xkfxkf)
- Fixed users being able to delete themselves if they tried very hard to do so. (thanks xkfxkf)
- Fixed resizing of view columns occasionally breaking if the right column was resized.
- Fixed unescaped data being drawn when viewing a package / extension's details before installing. (thanks xkfxkf)
- Fixed a plethora of minor CSRF-vulnerable actions. (thanks xfkxfk)
- Fixed revision descriptions not being escaped when saving page revisions. (thanks xfkxfk)
- Fixed pending page changes not being properly escaped after updating. (thanks yjn818)
- Fixed replacing files in the File Manager failing with a CSRF error. (thanks Joe @ Ignition 72)
- Fixed duplicate results in the File Manager when searching for files that exist in multiple folders.
- Fixed the generated Route field type not saving its options. (thanks doon.mok)
- Fixed SQL Injection related data leakage in saving tags. (thanks songtancat)
- Fixed duplicate required messages in custom fields with multiple sub-fields that are required.
- Fixed recursive matrices throwing errors in Integrity Check
- Fixed deprecated TinyMCE spellcheck settings (thanks mcongrove)
- Fixed XSS vulnerability in the photo gallery on the example site. (thanks lsg2409)
- Fixed empty module forms not being editable.
- Fixed no error being thrown when a form failed to add an entry due to a SQL error.