25May, 2025
Replacing a SOLR certificate is routine business these days, but something went sideways this time, and I couldn't stop the service, which led to its own problems. In the end I created a self signed one and used that instead, and I'll show you what I did to get the service to respond.
13May, 2025
A critical vulnerability has been announced, which is related to UI controls from Telerik. It affects CM and standalone, but if you are following proper security protocols the risk should be low even though the vulnerability is high. I'll explain.
07Sep, 2024
This week Sitecore released a known issue stating, “Any Sitecore Client user is capable of performing boost and kick operations after the maximum number of allowed users has been reached”. A starting point for the code fix was provided, but teams will need to complete it, then package and deploy it. I've done that and uploaded the package for anyone who needs it.
Read More
06Aug, 2024
A critical vulnerability has been announced, which allows for unauthenticated file reads on a CM or Standalone instance. It's recommended this patch is installed on all instances from version 8.0 initial release to 10.4 initial release.
Read More
29Jun, 2024
The polyfill.io domain, which used to be the source for a library that helps resolve inconsistencies across different browsers, has been purchased by the Chinese company Funnull in February 2024, and is now using it to inject malware into well over 100,000 websites around the world.
Read More