JEditor 3.25.5/3.25.5a release notes

Security fix

Fixed a transitive security vulnerability caused by Apache Commons FileUpload 1.5 that affected JEditor 3.25.4/3.25.4a and earlier versions. List of fixed vulnerabilities:

  • CVE-2025-48976

Security advisory for the vulnerability:

https://jeditor.zendesk.com/hc/en-us/articles/38550397579021-JEditor-Security-Advisory-CVE-2025-48976-vulnerability-in-the-commons-fileupload-1-5-library-in-JEditor-3-25-4-and-older-versions

Please note:
Versions of JEditor before 3.25.4 are also affected by the vulnerability. Upgrading to version 3.25.5 updates commons-fileupload to 1.6.0 and permanently fixes the issue. No additional actions are needed.

Bug fixes

  • [Firefox] Corrected the editor background color in Firefox when the dark theme is active.
  • Fixed a few bugs related to copying text between JEditor editors when the dark theme is active.
  • Corrected the font color of headings in editing mode when the dark theme is active.
Alex Bobrovskikh -
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk