- Fix: CVE-2023-28836 - Stored XSS attack via ModelAdmin views (Thibaud Colas)
- Fix: CVE-2023-28837 - Denial-of-service via memory exhaustion when uploading large files (Jake Howard)
- Fix: Fix radio and checkbox elements shrinking when using a long label (Sage Abdullah)
- Fix: Fix select elements expanding beyond their container when using a long option label (Sage Abdullah)
- Fix: Fix timezone handling of
TemplateResponses for users with a custom timezone (Stefan Hammer, Sage Abdullah) - Fix: Ensure TableBlock initialisation correctly runs after load and its width is aligned with the parent panel (Dan Braghis)
- Fix: Ensure that the JavaScript media files are loaded by default in Snippet index listings for date fields (Sage Abdullah)
- Fix: Fix server-side caching of the icons sprite (Thibaud Colas)
- Fix: Avoid showing scrollbars in the block picker unless necessary (Babitha Kumari)
- Fix: Always show Add buttons, guide lines, Move up/down, Duplicate, Delete; in StreamField and Inline Panel (Thibaud Colas)
- Fix: Ensure datetimepicker widget overlay shows over modals & drop-downs (LB (Ben) Johnston)
- Docs: Fix module path for
MultipleChooserPanelin panel reference docs - Maintenance: Render large image renditions to disk (Jake Howard)