Announcing Concrete CMS 9.2.8 and 8.5.16 Release

Announcing Concrete CMS 9.2.8 and 8.5.16 Release

Apr 3, 2024
by jessicadunbar

We're excited to bring you the latest updates in our CMS with the releases of version 9.2.8 and version 8.5.16! Focused on improving security and fixing bugs, these updates ensure a safer and more reliable experience for webmasters and users alike. 

Download

Here's what you need to know:

9.2.8 Release Highlights

Bug Fixes

  • We've resolved an issue where the c5:info console command wouldn't work if the Concrete webroot wasn't already an installed site.
  • The logout link in the toolbar now works correctly for users logged in with editor permissions who don't have Dashboard access.

Security Enhancements

  • We've tackled several security vulnerabilities to prevent Cross-Site Scripting (XSS) attacks in various CMS components, including the calendar color settings, advanced file search filter, custom class page editing, the link-text field in blocks of type file, and the search field. These fixes improve the security against rogue administrators and were resolved thanks to our vigilant Concrete CMS community members who reported these issues.

To delve deeper into the technicalities and view the specific security fixes, including CVE IDs and the commits that resolved them, visit our security release blog post.

8.5.16 Release Update

Security Enhancements

The 8.5.16 release mirrors the security updates of 9.2.8, addressing the same vulnerabilities in the earlier version of the CMS to ensure comprehensive protection across versions.

By promptly updating to the latest versions, 9.2.8 or 8.5.16, you'll not only benefit from these security improvements but also contribute to the overall safety and integrity of the web ecosystem.

Thank you to everyone in our community who reported these issues, and to all our users for your continued trust in Concrete CMS. Your security and satisfaction are our top priorities, and we're committed to delivering robust solutions that meet your needs.

For detailed information on all the new features and enhancements included in these releases, please visit our release notes section. Stay updated, stay secure!

Your feedback and reports are invaluable to us. If you encounter any issues or have suggestions for future updates, please reach out through our support channels. Let's continue to build a safer, more efficient web together!