JCE Content Editor 2.9.22 Released
JCE v2.9.22 is a bug fix release.
JCE now requires PHP 7.4 or later.
This version of JCE is compatible with the Joomla! 4 CMS.
See links below.
If you are still using a version of JCE Content Editor which is earler than v2.9.0 or later then you should update it.
Reason: older versions are no longer being developed, maintaned or supported by the developer.
Read more: JCE and Joomla! 4 (commencing JCE 2.9.11).
Useful JCE Content Editor Information
Before using JCE we recommend you check out the developer's web page detailing server requirements and more for the best experience using their excellent extension.
Visit the following link to make use of some really useful video tutorials at the developer's website.
Release date: 22 July 2020.
JCE v2.8.15 included an important security update to prevent potential cross-site scripting attacks when using the editor.
Refer to developer's Release Notes for more information.
Release date: 31 January 2018.
The previous JCE release (2.6.25) introduced support for SVG files as an IMAGE FILETYPE by default.
Here is the developer's explanation for why the security fix was needed.
"The decision to include support for svg files by default in JCE 2.6.25 was unfortunately not well thought through. It has been brought to my attention that there is the potential for svg files to be used to execute cross-site scripting attacks, due to the fact that they are essentially a form of xml file. Although the method by which they would be embedded using the Image Manager, with the tag, prevents scripts from being executed, it would be safer to restrict the option of allowing svg files to be user defined."
More details in the developer's Change Log.
Better still, simply use the latest available release.
Back up before updating any 3rd party Joomla! extension
Any update can break your website.
Perform a FULL backup of your website (database and files) before installing any update.