Magnolia 5.7 reached extended end of life on May 31, 2022. Support for this branch is limited, see End-of-life policy. Please note that to cover the extra maintenance effort, this EEoL period is a paid extension in the life of the branch. Customers who opt for the extended maintenance will need a new license key to run future versions of Magnolia 5.7. If you have any questions or to subscribe to the extended maintenance, please get in touch with your local contact at Magnolia.

Magnolia CMS 5.7.22 is the third Extended end-of-life (EEoL) maintenance release, which brings security updates.

We keep the details of security fixes private in line with our security policyContact our Support team if you need more information.

Should you require access to the updates of 5.7 under the EEoL conditions, please contact your sales representative.

CSRF security improved

Since this release, you can configure the httpOnly and secure attributes on the CSRF cookie. Furthermore, the implementation has been hardened to mitigate session fixation attacks.

For more details, see Filters: CSRF token security.



If you are upgrading from an earlier version, read Upgrading to Magnolia 5.7.x first and check the Known issues section on the page.


See the 5.7.22 changelog for all the changes.

Updated modules

  • Community Edition 5.7.22
  • Enterprise Edition 5.7.22
  • Magnolia 5.7.22
  • UI 5.7.22


The Magnolia team would also like to thank everyone who reported issues, contributed patches or simply commented on issues for this release.

  • No labels