Movable Type 8.4.3 Release Notes
This version of Movable Type was released August 20, 2025.
This release includes security fixes. Six Apart recommends that you upgrade to the latest version.
New and improved features
- Update bundled MTBlockEditor from version 1.2.5 to 1.2.7 (MTC-30425)
- Fixed an issue where captions in the Image block were displayed as encoded text after saving; corrected to display them unencoded (MTC-30068)
- Fixed the issue where content CSS files set with relative paths were not applied; enabled correct application in MTBlockEditor as well (MTC-30045)
- Fixed the issue where the initial value of the image insertion option was unset when “left” or “right” was selected in the image insertion position option of site posting settings (MTC-28893)
- Fixed an issue where, when changing the selected asset in Image block or File block, if an image other than the latest 25 was selected, the modal window would not operate correctly (MTC-30421)
- Fixed an issue where, when saving or previewing with focus remaining on the Block Editor editing area, asynchronously updated information would not be reflected (MTC-30496)
Resolved issues
- Changed the description of the
Mont-Blanctheme (MTC-30433) - Reduced the display load and improved the rendering speed of the admin screen (MTC-30387)
- Modified the deprecation log to record the line number of the deprecated implementation instead of the caller (MTC-30338)
- Fixed an issue where using deprecated features on Windows could cause a regular expression error
no longer supported in regex(MTC-30336)
Security fixes and improvements
- Fixed an issue where manipulation of the HTTP request
Hostheader could lead to redirection to malicious sites (MTC-30358) (CVE-2025-53522)- Allowed setting trusted hostnames via the configuration directive
TrustedHosts
- Allowed setting trusted hostnames via the configuration directive
- Improved the password reset screen to reject invalid parameters (MTC-30384)(CVE-2025-55706)
