2025 Optimizely CMS 11 (PaaS) release notes

  • Updated

Follow this article to receive email notifications when new Optimizely Content Management System (CMS 11) packages are available for 2024 and 2025. Product packages are found on the Optimizely NuGet server

Are you looking for release notes before January 2024? See the Optimizely Release Notes on the Optimizely World site.

You can find prior versions of user guides (2021 and older) and when functionality was released or deprecated at the following locations:

Most recent releases

Date Release Type
June 30, 2025 Enhancements and bug fixes
April 22, 2025 Bug fixes
February 11, 2025 Bug fix
February 2, 2025 Bug fix

CMS 11

EPiServer.CMS.Core

11.21.4—June 30, 2025

Enhancements

A user can embed JavaScript in XhtmlString properties and in uploaded files. Often this is intended, but sometimes it can be malicious.  Through configuration, you can specify the following options for MediaUploadModeXhtmlString, LinkItem and Url when you upload a file with scripts or in other properties.

  • Keep = If the file contains JavaScript, then keep and execute it. If a property has JavaScript, allow it.
  • Remove = If the file contains JavaScript, remove the script before saving the file. If a property has JavaScript, remove it.
  • ThrowException = If the file contains JavaScript, do not upload the file and display an error in the upload dialog box. If a property has JavaScript, display an error.

See Filter JavaScript from properties and files

Bug fixes

  • CMS-36261 – Fixed a timing issue that occurred when there were many content types and simultaneous access to certain types. The issue arose because EagerCompileProxies was called in a background thread, and if there are many ContentTypes, it takes time to generate proxies. During this proxy generation, if someone accessed types using AppDomain.CurrentDomain.GetAssemblies() and subsequently attempted to access those types, an exception was thrown.
  • CMS-28200 – Fixed an issue where indexing failed due to a license check error during serialization.

11.21.3—April 22, 2025

Bug fixes

  • CMS-31794 – Fixed an issue where a vulnerability existed between the SQL client and the SQL server in System.Data.SqlClient NuGet packages. See Microsoft security advisory announcement: https://github.com/dotnet/announcements/issues/292#affected-packages.
  • CMS-28027 – Fixed an issue where, when you clicked Stop Job on a custom long-running scheduled job, the job became stuck in a running state and displayed The job is stopping message.  There was no change upon reloading the page and you could not start or stop the job from that state. Now, the job stops successfully and a message prompts you to refresh the page to see the updated status. 

EPiServer.CMS.UI

11.37.4—February 11, 2025

Bug fix

  • CMS-38861 – Fixed a type issue in the tooltip dialog for installations using sv-SE culture.

EPiServer.Azure

11.2.1—January 7, 2025

Bug fix

  • CMS-38103 – Fixed an issue by restoring two methods, AzureBlobProvider.Initialize() and AzureBlobProvider.Validate(string connectionString, string containerName) to avoid breaking changes.