| 11788 |
CMS Made Simple forum register |
2018-04-05 |
None |
|
Accepted |
Open |
Nobody |
Peter Tindemans |
| 11807 |
UserOperations::IsSuperuser() calls UserOperations::GetMemberGroups() incorrectly |
2018-05-01 |
Minor |
2.2.7 |
Fixed |
Open |
Nobody |
Chris |
| 11822 |
cms_stylesheet name attribute uses LIKE in query (with solution) |
2018-05-17 |
Major |
2.2.7 |
Fixed |
Open |
Mathieu Muths (airelibre) |
Victor Avgust |
| 11829 |
system information, tabindex and accesskey issues (resolutions include) |
2018-06-01 |
Minor |
2.2.7 |
Fixed |
Open |
Mathieu Muths (airelibre) |
Philippe Thomas |
| 11831 |
Filepicker profile path issue when root_url defined in config |
2018-06-05 |
None |
2.2.7 |
Accepted |
Open |
Nobody |
Matt Hornsby (DIGI3) |
| 11870 |
Duplicating page shows content type but doesn't allow changing it |
2018-08-04 |
Trivial |
2.2.7 |
Fixed |
Open |
Nobody |
Matt Hornsby (DIGI3) |
| 11871 |
XSS (via svg file upload) |
2018-08-08 |
Major |
2.2.8 |
Invalid |
Open |
Nobody |
Provensec Security |
| 11876 |
class.CmsLayoutTemplateQuery.php not implemented as documented + query fatal error on unimplemented filters |
2018-08-22 |
Major |
2.2.8 |
Fixed |
Open |
Nobody |
Arnoud |
| 11880 |
content_image tag should accept empty value for alt parameter |
2018-08-30 |
Trivial |
2.2.8 |
Fixed |
Open |
Nobody |
Ruud van der Velden |
| 11914 |
Bundled versions of smarty and PHPMailer contain security vulnerabilities |
2018-10-21 |
Minor |
2.2.8 |
Fixed |
Open |
Nobody |
Michael Orlitzky |
| 11933 |
login screen on content editor/filepicker after switching users |
2018-12-04 |
None |
2.2.8 |
Fixed |
Open |
Nobody |
Matt Hornsby (DIGI3) |
| 11955 |
admin panel output Mixed Content (HTTP and HTTPS) with custom variables in config.php file |
2019-01-24 |
Minor |
2.2.9 |
Fixed |
Open |
Robert Campbell |
Philippe Thomas |
| 11963 |
Pages tabindex do not output with navigator and some errors in online documentation |
2019-02-02 |
Minor |
2.2.9 |
None |
Open |
Robert Campbell |
Philippe Thomas |
| 11969 |
File Picker Window Does Not Close |
2019-02-06 |
Major |
2.2.9.1 |
None |
Open |
Nobody |
Oliver Coningham |
| 12001 |
Stored Cross-site Scripting in CMS Made Simple - File picker feature |
2019-03-24 |
Trivial |
2.2.10 |
Accepted |
Open |
Nobody |
Chi Tran |
| 12002 |
Self-XSS vulnerability via Design Manager on CMSMS 2.2.10 |
2019-03-25 |
Trivial |
2.2.10 |
None |
Open |
Nobody |
Chi Tran |
| 12003 |
Self-XSS vulnerability via My Account on CMSMS 2.2.10 |
2019-03-25 |
Trivial |
2.2.10 |
None |
Open |
Nobody |
Chi Tran |
| 12004 |
Stored Cross-site Scripting in Site Admin Settings - News module |
2019-03-25 |
Trivial |
2.2.10 |
None |
Open |
Nobody |
Chi Tran |
| 12018 |
PHP 7.3 Warning - "continue" targeting switch is equivalent to "break" |
2019-04-06 |
Minor |
2.2.10 |
Fixed |
Open |
Nobody |
|
| 12019 |
JobManager delete_jobs_by_module bug |
2019-04-10 |
Minor |
2.2.10 |
Fixed |
Open |
Robert Campbell |
Chris Taylor |
| 12022 |
Cross-site Scripting vulnerability in CMS Made Simple |
2019-04-19 |
Trivial |
2.2.10 |
None |
Open |
Robert Campbell |
Binit Ghimire |
| 12023 |
Stored Cross-site Scripting Vulnerability in Email Address area in CMS Made Simple |
2019-04-20 |
Critical |
2.2.10 |
None |
Open |
Robert Campbell |
Binit Ghimire |
| 12044 |
System Information "Do a Compilation Check" [yes] shows a wrong language string |
2019-05-21 |
Minor |
2.2.10 |
None |
Open |
Nobody |
Arnoud |
| 12048 |
The simple dropdown version of parent selector in the "Navigation" tab of "Edit Content Page" does not update the field |
2019-06-01 |
Minor |
2.2.10 |
None |
Open |
Nobody |
Sašo Živanović |
