Khoros Communities 25.12 Release Notes
The Khoros Communities 25.12 release delivers extensive accessibility improvements across both Classic and Aurora platforms, critical security fixes, significant search and analytics enhancements, and numerous stability improvements for content management, rich text editing, and API functionality. Classic Applied input sanitization for survey form submissions to ensure data integrity and security. Fixed slide-out navigation menu accessibility violations including improper button element nesting and focus management issues affecting screen readers. Fixed spoiler tags scrolling to page top instead of expanding content on first visit due to script loading latency. Fixed Q&A structured data linking accepted answer URLs to author profiles instead of actual solution posts, improving SEO accuracy. Fixed LiQL query operator "!=" to correctly apply multiple exclusion conditions, allowing users to exclude multiple nodes in a single query. Fixed code snippet syntax highlighting disappearing when editing posts containing li-code elements. Fixed post counter incorrectly decreasing when deleting product idea status updates. Enhanced V2 API error messages to specify which field and content caused validation failures, providing actionable feedback to API consumers. Fixed post approval failures in moderation manager showing false success messages when approving spam in archived threads. Fixed kudos leaderboard displaying empty slots when deleted users were included in rankings. Fixed API errors when querying subscriptions for label objects. Enabled text key scoping for TKB template selection page to support template-specific customization. Fixed API errors when retrieving posts containing malformed CSS classes in HTML content. Optimized settings editor to reduce search reindex latency from 20-90 seconds to under 3 seconds when updating large custom settings. Added comprehensive accessibility improvements including: proper combobox roles for all search and autocomplete fields; ARIA expanded/collapsed states for image upload controls; corrected button roles for file upload and avatar controls; keyboard focus management in settings tabs; screen reader announcements for file upload status messages; and notification settings sections defined as proper headings for navigation. Aurora Fixed critical authorization vulnerability in GraphQL endpoints to properly enforce permission checks for privileged operations. Implemented multi-select functionality for idea status filter in ideas widget, providing filtering parity with Classic Community. Implemented SEO improvements for tag pages including lowercase URLs, updated robots meta tags, and dynamic meta descriptions. Enabled notifications and email alerts for followed tags, resolving "No activity yet" displays despite active content. Fixed image lightbox not opening when clicking images in post replies. Fixed spotlight search bar disappearing for anonymous users when typing specific search terms. Fixed date calculations showing incorrect year values in user profiles due to improper rounding of negative numbers. Updated tooltip text from deprecated "Kudos received" to "Likes received" throughout Aurora. Fixed cookie banner reappearing on page refresh despite user accepting or declining consent. Fixed pixelated thumbnail image display across community pages on high-DPI displays. Fixed date preference not applying to profile page elements when set to absolute format. Fixed internal links not opening in new window when using Cmd-click on Mac or Ctrl-click on Windows. Fixed ZIP file attachment failures on Windows systems due to MIME type mismatch. Fixed GraphQL ancestorId constraint returning zero results for boards queries. Fixed timestamp mouseover displaying incorrect timezone after user login/logout cycles. Fixed idea status updates displaying status ID instead of custom status name in user profiles. Enabled bold formatting for hyperlinked text in rich text editor regardless of formatting order. Fixed roles filter in analytics to display all community roles instead of only 25. Fixed LithiumVisitor cookie being reset on every asset request, causing inflated visitor counts in analytics. Fixed graphqlAdmin permission elevation for addUsersToRole mutation in endpoints. Removed "Category:" prefix from browser tab titles on category homepages used as localized entry points. Fixed search filters being cleared when performing consecutive searches. Fixed quote button being hidden by browser context menu on touch devices by repositioning below selected text. Fixed card view image quality on high-DPR displays by increasing thumbnail dimensions. Removed inappropriate content filters from OAuth SSO token validation and abuse content moderation workflows. Fixed place filter in ideas analytics report to correctly scope data to selected category. Fixed missing user names in reply notification emails. Fixed featured badge display to show highest earned badge level instead of first earned. Fixed featured content widget briefly displaying restricted content to anonymous users during page load. Fixed image upload order and caption issues when uploading multiple images simultaneously. Fixed publication scheduler being obscured by footer UI elements. Fixed oversized image warning notification persisting across page navigation. Fixed "Show More" button resetting page scroll position to top on large threads. Fixed duplicate author attribution display in TKB contributor lists. Fixed locked indicator not displaying on threads with zero comments. Fixed date display formatting issue causing text wrapping in published article tables. Fixed analytics report table displaying incorrect numbers for values above 10 million. Fixed inconsistent auto-hyperlink conversion when pasting URLs and quickly pressing Enter. Fixed text pasting issue when replacing highlighted text from Notepad or VSCode. Whitelisted @fluentui/react package for custom component development. Added permission check to prevent image paste operations when user lacks image posting permissions. Fixed missing UI error message when group names exceed 40 character limit. Fixed images uploaded in HTML widgets displaying as broken due to malformed URLs. Fixed closed private messages in inbox failing to load when messages referenced deleted users. Fixed Annual Total Visits mismatch and incorrect contract period display in Community Analytics billing dashboard. Fixed missing GroupHub "Invite Sent" events in Firehose when invitations were sent via email. Fixed blank member registration graph in analytics caused by Elasticsearch circuit breaker exceptions. Fixed day-of-week misalignment in analytics "Match day of the week" year-over-year comparisons. Added comprehensive accessibility improvements including: text color control swipe accessibility on mobile; alt text for like icons and profile images; descriptive labels for form fields in private messaging; proper combobox announcements for all autocomplete fields; ARIA states for menu selections, sort controls, and expandable elements; improved button labels for skin tone picker, logo links, and context-specific actions; corrected button roles for rich text editor toolbar controls; and screen reader support for tooltips on mobile devices. Pre-Prod Rollout: December 15-16. Testing window open from December 16 through January 4. Production Rollout: January 6-7 The rollout will follow the standard maintenance windowsKhoros K1, Care, Marketing, Flow Release notes
Khoros Care Customer Experience Improvements TikTok Response Labeling Enhancement: Agent responses to TikTok conversations are now correctly identified in the conversation timeline, eliminating incorrect "External response" labels that caused confusion for agents Trustpilot Data Recovery: Backfilled missing Trustpilot reviews that failed to process during authentication issues, restoring complete customer review data Community User Avatar Handling: Fixed issue where Community users without profile pictures caused processing failures, ensuring all Community posts are properly delivered to Care Brand Messenger Chat Reliability: Resolved bot response delivery issues in Brand Messenger widget, ensuring consistent message arrival and improved error logging for customer interactions Social Media Authentication & Message Processing: Resolved authentication issues and improved message processing reliability for social media channels, ensuring consistent delivery of customer messages Message Processing Reliability: Improved retry mechanism for failed message processing, reducing message delivery failures Performance & Scalability European Region Performance: Increased capacity in EU region to handle higher load during business hours, improving response times and system stability Proactive System Monitoring: Deployed comprehensive monitoring across US, EU, and APAC regions to validate core platform functionality including agent conversation handling, queue management, agent assist widgets, and dashboard access Admin Console Change Log Navigation: Change Log has been released from Beta and is generally available. User Management Enhancements: Improved batch user processing and cache synchronization to prevent data loss during user management operations Security & Platform Updates Security Enhancements: Deployed security fixes across multiple Care components: Analytics Dashboard: Critical security vulnerability patches Case Management Interface AI/ML Processing System Brand Messenger Chat Backend Publishing Interface: Latest security patches Messaging Authentication Khoros Marketing Platform Improvements Instance Management: Fixed server error that was preventing Marketing instance deprovisioning, improving platform lifecycle management User Moderation: Resolved issue preventing users from being banned in Marketing Inbox, restoring full moderation capabilities Stream Collections: Fixed deletion functionality for stream collections Infrastructure & Performance Social Gateway Updates: Deployed infrastructure improvements for enhanced reliability and performance Advertising Metrics Processing: Improved reliability of advertising metrics data collection by introducing safeguards to prevent processing failures Notification System: Improved stability of the notification system Enhanced Security Protocols: Strengthened database security protocols as part of ongoing security compliance efforts Khoros Flow AI & Platform Upgrades Claude 4.5 AI Upgrade: Upgraded AI model from Claude Sonnet 3.5 to Claude Sonnet 4.5 in Flow, providing enhanced AI capabilities for improved customer interactions and automated responses Integration Improvements WhatsApp Integration Upgrade: Updated WhatsApp channel integration to latest API version, improving message delivery reliability and media handling capabilities Care System Integration: Enhanced integration with Khoros Care to provide better tracking and visibility of customer cases across systems, enabling more seamless workflows between Flow and Care Security & Stability Security Vulnerability Remediation: Addressed known security vulnerabilities across Flow platform including CVE-2019-10744 (lodash), CVE-2020-7610 (bson), CVE-2021-26707 (merge-deep), and others by upgrading to latest secure versions of system dependencies Message Processing Improvements: Increased message processing capacity to handle larger messages and attachments, improving reliability for customers sending rich media content System Connection Resilience: Improved system resilience to prevent service interruptions during network connectivity issues, ensuring consistent message processing Monitoring & Operations Proactive Feature Monitoring: Implemented comprehensive monitoring for dashboard performance and bot response times with automated alerting Data Pipeline Optimization: Optimized data processing pipeline, significantly improving performance and reducing processing delays Platform-Wide Updates Security Comprehensive Security Fixes: Applied critical security updates across all Khoros products, including user interfaces and backend services System Reliability Enhanced Error Handling: Improved system resilience with better error recovery mechanisms Deployment Process: Streamlined release processes for faster, more reliable updatesKhoros Communities 25.11 Release Notes
The Khoros Communities 25.11 release delivers critical security updates, comprehensive accessibility improvements, enhanced survey targeting capabilities, and numerous stability fixes across content management, authentication, and search functionality. Classic Applied critical security patches addressing vulnerabilities in jQuery and TinyMCE components. Enhanced username validation to prevent impersonation attempts using visually similar characters from different language scripts. Improved flood control performance, significantly reducing processing time for users with many product associations. Fixed Rich Text Editor alignment not applying correctly to text with inline formatting such as bold or italic. Fixed custom table background colors and styling being stripped when saving blog posts. Fixed Events module errors preventing users from creating, publishing, or viewing events after upgrade. Fixed deleted article history records causing entire version history to be wiped when removing individual draft versions. Added comprehensive accessibility improvements including: keyboard operability for Reply and Follow buttons; proper carousel navigation with skip options; corrected focus order in Tags modal; disabled auto-focus in private message compose modal; added missing alt attributes to images throughout the application; and programmatically associated error messages with form fields. Aurora Implemented advanced survey targeting with configurable prompts based on user authentication status, roles, location, and visit patterns. Fixed critical memory leak in integration points registry that was causing system crashes and performance degradation after 24-40 hours of operation. Fixed private messages failing to load for users with large recipient lists. Fixed users being unable to join hidden groups via email invitations. Enhanced search functionality to properly handle Traditional Chinese, Japanese, and Korean characters. Fixed language preference cookie expiring after 24 hours instead of persisting for the configured 30-day period. Fixed CSV export failures when survey responses were linked to deleted user accounts, now properly marking these as "Anonymous". Added dimension validation for image uploads to prevent pixel flood attacks that could cause memory exhaustion and system crashes. Fixed navigation error flash when users return from profile pages to discussion threads using the browser back button. Fixed blog article delete confirmation dialog intermittently not appearing for users. Fixed page index resetting to first page when unfollowing items on the Follows and Notifications page. Fixed navigation links being replaced instead of appended when adding more than 10 links in the community header. Fixed missing locale parameter causing incorrect privacy policy URLs during SSO registration. Fixed Aurora search bar displaying category IDs instead of user-friendly board names as placeholder text. Fixed custom fields and mandatory native fields not appearing on SSO registration forms for partially registered users. Fixed page crashes when users with Employee role attempted to use @mentions in comments. Fixed ZIP file attachments being stripped when submitting forum replies despite being configured as allowed. Fixed anonymous and deleted users appearing in Top Taggers leaderboard. Enhanced security for video embedding with improved validation and localized error messages. Enabled DNG (Digital Negative) file uploads for communities requiring professional photography file support. Updated robots.txt configuration to prevent Google from crawling legacy Classic URLs, eliminating 404 errors in Search Console. Enabled API access to archived messages using client credentials authentication with proper pagination support. Fixed BrandMessenger component causing page errors when encountering loading issues. Fixed custom React components failing to load on newly created development branches. Fixed custom component localization displaying text keys instead of translated values for Portuguese (Brazil) and other regional locales. Fixed message indexing errors that were preventing proper search functionality for archived content. Added content-type header to SAML logout calls to ensure proper session termination across integrated systems. Prevented OIDC SSO authentication tokens from being exposed in Personal Information exports. Pre-Prod Rollout: November 26-27. Testing window open from November 27 through December 8. Production Rollout: December 12-13 The rollout will follow the standard maintenance windowsKhoros K1, Marketing, Care and Flow release cadence
As part of our ongoing commitment to reliability and transparency, we have adopted a continuous delivery model for Khoros K1, Care, Spredfast Marketing and Flow. This means improvements, fixes, and enhancements are deployed to production incrementally rather than through large, infrequent releases. This approach minimizes operational risk, accelerates value delivery, and ensures that your environment benefits from the most stable and secure version of our product at all times. We recognize that visibility into product evolution is essential for planning and governance. To provide this transparency, we are introducing a regular changelog where you can review all functional, performance, and stability updates that have been deployed. Each entry will briefly describe what has changed and when, serving as a single source of truth for product updates. Our initial plan is to publish changelog updates on a regular cadence (approximately bi-weekly) on the release notes space, ensuring timely and consolidated communication without excessive notifications. As the product continues to evolve, we may adjust this frequency to align with customer needs and product maturity—always maintaining consistency and clarity in how updates are communicated.Khoros Communities 25.10 - Release Notes
Due to unforseen circumstances, the rollout has been delayed. The updated dates are reflected below. The Khoros Communities 25.10 release includes accessibility improvements, localization enhancements, performance optimizations, and bug fixes across search, messaging, and community management features. Classic Fixed a memory leak affecting system stability by improving object deduplication in integration point processing. Enhanced image upload security validation to prevent potential issues with malformed or malicious image files. Fixed global and embedded search not returning results when using Traditional Chinese characters. Upgraded Image Service to Node.js 22 for improved security, stability, and long-term compatibility. Aurora Fixed recurring 503 Service Unavailable errors affecting community pages by implementing automated service stability improvements. Added full localization support for Turkish (tr-TR). Added full localization support for Indonesian (id-ID). Added full localization support for Vietnamese (vi-VN). Corrected French translations for "Board" and "Post" across UI and email templates. Fixed private messages in the inbox not loading for users with large recipient lists. Fixed an issue preventing users from joining hidden groups via email invitations. Fixed global and embedded search not returning results when using Traditional Chinese characters. Fixed an error preventing administrators from accessing Localized Categories Settings due to duplicate key entries. Upgraded to official undici library release for improved long-term maintainability and security updates. Upgraded Image Service to Node.js 22 for improved security, stability, and long-term compatibility. Enhanced image upload security validation to prevent potential issues with malformed or malicious image files. Fixed intermittent HTTP/2 connection timeout issues by implementing client-side TTL management for pooled connections. Improved accessibility across the platform including: correcting heading structures in Tags modal, editor, and Notifications; properly grouping radio buttons with fieldset and legend elements; updating placeholder text contrast to meet WCAG standards; enhancing tooltips with hover persistence and ARIA labels; grouping related form controls; correcting labeling for filters in Manage Content; adding proper scope attributes to table headers in Manage Members; fixing invalid ARIA attributes in Inbox; and ensuring form error messages are properly announced by screen readers. Pre-Prod Rollout: October 25-26. Testing window open from Oct 27 through Nov 8. Production Rollout: November 10-11 The rollout will follow the standard maintenance windows.Khoros Communities 25.9 - Release Notes
The Khoros Communities 25.9 release includes performance improvements, stability enhancements, and bug fixes across search, caching, authentication, and moderation features. Classic Fixed inbox search not returning results for partial word matches. Fixed an issue where the private notes page would error when performing an empty search. Fixed image URLs not being indexable by search engines due to incorrect robot headers. Fixed an issue where Salesforce user ranks were not updating after the initial sync. Fixed archive dashboard totals showing incorrect counts due to deleted boards being included. Fixed delete confirmation errors preventing content deletion. Fixed event pages showing errors after creating and publishing new events with optional livestream details. Aurora Fixed an issue where Salesforce user ranks were not updating after the initial sync. Fixed archive dashboard totals showing incorrect counts due to deleted boards being included. Fixed an error that occurred when viewing analytics for occasion reply messages. Fixed unread and view counts not updating without a page refresh. Fixed inbox search not returning results for partial word matches. Fixed an issue where the private notes page would error when performing an empty search. Fixed image URLs not being indexable by search engines due to incorrect robot headers. Fixed an authentication issue where cookies were not being properly echoed during login/logout flows. Fixed an issue where session cookies were being incorrectly cached for anonymous users. Improved page caching performance by moving from memory-based to filesystem-based storage. Fixed a page caching issue that was reusing parent frame IDs across different users. Fixed the 3-dot action menu not working properly in text key mode within Manage Content. Fixed the 3-dot action menu not appearing for reported private messages in Manage Abuse. Fixed message action menus not responding consistently across different content types. Fixed message preview pages reloading endlessly and preventing user actions. Fixed duplicate replies being created when responding to messages at deeper thread levels. Fixed pagination issues with archived messages where the cursor was not advancing properly. Fixed a null pointer exception occurring when deleting articles via API. Fixed an issue where followers were not consistently receiving edit notifications according to their preferences. Fixed subscribers receiving unnecessary emails for non-publish workflow actions. Fixed an infinite initialization loop occurring in SDK preview for custom components. Fixed an issue where component assets were not loading correctly when switching branches. Fixed database errors caused by custom field metadata keys exceeding the allowed size limit. Fixed an issue where pasted email addresses were being replaced with suggested users when pressing Enter in group/event invites. Fixed delete confirmation errors preventing content deletion. Fixed event pages showing errors after creating and publishing new events with optional livestream details. Staging and Pre-Prod rollout: September 15 Production rollout: September 29 The rollout will follow the standard maintenance windowsKhoros Communities 25.8 - Release Notes
The Khoros Communities 25.8 release includes several important security improvements and bug fixes. [Classic] Fixed a cross-site scripting (XSS) vulnerability affecting embedded YouTube videos on community pages. [Aurora] Certain specific custom access permissions was blocking user registration, due to attempting to verify permissions before the user was registered. This has been addressed so that permissions are checked in the correct sequence. [Aurora] Fixed an issue where users were unable to join Zoom meetings when registration was set to "required"; users would instead see an error message. [Aurora] Fixed an issue with headers and footers appearing multiple times on some community pages. [Aurora] Addressed an Aurora GraphQL API issue where certain custom fields were omitted from responses. These values now appear correctly. [Aurora] Resolved an issue where the "CurrentUser" endpoint returned information about the anonymous user, not the actual current user, when using the Authorization header method of authentication. Release Date: August 20, 2025Khoros Communities v25.04-b16 - Release Notes
Khoros Communities v25.04-b16 is a minor update that adds a Chinese (Traditional) language pack for Taiwan (zh-TW). This is a full user interface translation. There are no functionality changes included in this release. We are planning upcoming releases during August, with important bug fixes and enhancements. Release date: 2025-07-23 (release notes delayed)
