Hello my fellow preside users, Lucee has just published two RCs
These releases enable the XML XXE mitigations by default, as per the following post, you can enable them via Application.cfc but we have decided to make them the default as there are a lot of nasty actors out there.
I have been working with @dominic.watson, Preside runs great on 5.4.2-RC
One caveat with using Lucee 5.4: it will automatically upgrade the Lucee Image extension to v2, which is currently incompatible with Preside (fix coming soon in Preside).
Until then, you should downgrade the image extension to v1.0.0.51 (itβs important that you use the 51 patch release, as that contains a fix to make v1 compatible with Lucee 5.4/6).
Preside has now been upgraded for compatibility with v2 of the Lucee image extension.
The fix is available in v10.24.14, and patched back as far as v10.14. See [PRESIDECMS-2693] - JIRA for details of the change (it almost certainly will not affect your code) and for a list of all the patched versions.