Masthead image for SitecoreFundamentals.com
Banner image for I Made a Package for the Unrestricted Boost Operation Known Issue article

This week Sitecore released a known issue stating, “Any Sitecore Client user is capable of performing boost and kick operations after the maximum number of allowed users has been reached”. A starting point for the code fix was provided, but teams will need to complete it, then package and deploy it. I've done that and uploaded the package for anyone who needs it. 

Read More
Banner image for Security Bulletin SC2024-001-619349 Is Needed for Your CM/Standalone Instances article

A critical vulnerability has been announced, which allows for unauthenticated file reads on a CM or Standalone instance. It's recommended this patch is installed on all instances from version 8.0 initial release to 10.4 initial release.

Read More
Banner image for A New Security Exploit Is Making Its Rounds via Polyfill.io and Must Be Removed Immediately article

The polyfill.io domain, which used to be the source for a library that helps resolve inconsistencies across different browsers, has been purchased by the Chinese company Funnull in February 2024, and is now using it to inject malware into well over 100,000 websites around the world.

Read More
Banner image for Reset Your Sitecore Accounts After a Configurable Amount of Time Has Passed article

A common question raised in the community is, “How do I unlock a Sitecore account due to bad password attempts?”. The fix is easy enough with a simple SQL command, but why not use a task that will do this for you? Let's go over the direct fix using SQL and an automated way as well.

Read More
Banner image for Broken PowerShell Methods After Sitecore Security Bulletin SC2023-003-587441 Due to Versioning Differences article

The most recent security patch from Sitecore addressed some critical issues. There is an assumption in it, however, that you're using PowerShell 6, which will break some functionality if you have a lower version installed. 

Read More