Version 3 end of life
This version of Silverstripe CMS will not recieve any additional bug fixes or documentation updates. Go to documentation for the most recent stable version.



  • Security: Require ADMIN for ?flush=1&isDev=1 (SS-2014-001)
  • Security: XSS in third party library (SWFUpload) (SS-2014-002)
  • Security: SiteTree.ExtraMeta allows JavaScript for malicious CMS authors (SS-2014-003)
  • Better loading performance when using multiple UploadField instances
  • Option for force_js_to_bottom on Requirements class (ignoring inline <script> tags)
  • Added ListDecorator->filterByCallback() for more sophisticated filtering
  • New DataList filters: LessThanOrEqualFilter and GreaterThanOrEqualFilter
  • "Cancel" button on "Add Page" form
  • Better code hinting on magic properties (for IDE autocompletion)
  • Increased Behat test coverage (editing HTML content, managing page permissions)
  • Support for PHPUnit 3.8


SiteTree.ExtraMeta allows JavaScript for malicious CMS authors

If you have previously used the SiteTree.ExtraMeta field for <head> markup other than its intended use case (<meta> and <link>), please consult SS-2014-003.