CMS Made Simple Core

Jump to Bug #
ID Summary Open Date Severity Version Resolution State Assigned To Submitted By
12191 Authenticated Remote code Execution 2019-11-15 Critical 2.2.12 Awaiting Response Open Robert Campbell Yosri Debaibi
12228 Stored Cross-Site Scripting - CMS Made Simple 2.2.13 2019-12-22 Critical 2.2.13 None Open Robert Campbell Guram Javakhishvili
12275 Remote Code Execution (RCE) authenticated with crafted JPG files 2020-03-16 Critical 2.2.13 Awaiting Response Open Ruud van der Velden Joshua Provoste
11021 block replacement does not allow to "overwrite" a content block 2016-05-08 Major 2.1.3 Accepted Open Nobody Ludger Merkens
11626 FrontEnd editing with MicroTiny requires permissive_smarty=1 2017-11-01 Major Fixed Open Robert Campbell Jack Skiba
11674 Async processsing not robust 2017-12-14 Major Fixed Open Nobody tom
11876 class.CmsLayoutTemplateQuery.php not implemented as documented + query fatal error on unimplemented filters 2018-08-22 Major 2.2.8 Fixed Open Nobody Deleted User
11969 File Picker Window Does Not Close 2019-02-06 Major None Open Nobody Oliver Coningham
12149 Stored cross-site scripting (XSS) in News > Add Article 2019-09-19 Major 2.2.11 None Open Nobody Neelima Bawa
12393 XSS via SVG file upload 2020-12-04 Major 2.2.15 Won't Fix Open Nobody Eshan Singh
12442 MAMSRegistration fails to save autocreate setting 2021-04-23 Major 2.2.15 None Open Fernando Morgado Joachim Luitz
12457 Event Manager empty list when mysql mode only_full_group_by 2021-05-27 Major 2.2.15 Fixed Open Ruud van der Velden Ruud van der Velden
12462 Emojis unsupported 2021-07-21 Major 2.2.15 None Open Nobody
8208 cms_index_module_templates_by_module_name_template_name too long in utf8 2012-08-03 Minor 1.11 Accepted Open Robert Campbell Not public
9169 CMS DB update scripts do not fail when they should. 2013-04-18 Minor None Open Nobody
9640 content_image does not work when both block and id parameters are given 2013-11-02 Minor 1.11.9 None Open Nobody Martijn de Milliano
9958 Cannot delete template associated to internal page link 2014-04-16 Minor 1.11.10 Accepted Open Nobody Steven Mortimer
10500 session security check incomplete 2015-04-23 Minor 1.11.13 None Open Nobody Fred Polizo
10574 Can't set string 'default' for default value in method.install.php. 2015-07-03 Minor 1.12 Accepted Open Nobody Karelin
11427 PHP Notices when mact called with insufficient parameters 2017-06-23 Minor 2.2.1 None Open Nobody
11440 Invalid path in global settings causes fatal error in FilePicker 2017-06-27 Minor 2.2.1 None Open Nobody stephen cooper
11590 Admintheme Module Actions Show in Menu 2017-10-02 Minor None Open Nobody Krisztian Kishazi
11627 Exporting/importing designs changes Smarty comments containing the word 'Navigator' 2017-11-02 Minor None Open Nobody Matt Hornsby (DIGI3)
11664 CmsJobManager.module.php code relies on count(BOOLEAN) 2017-12-10 Minor 2.2.4 Fixed Open Nobody Ruud van der Velden
11700 Exporting/importing designs changes CGSimpleSmarty call in Navigator template 2018-01-16 Minor None Open Nobody Dorothée DV