CMS MADE SIMPLE FORGE

CMS Made Simple Core

 
   
Jump to Bug #
ID Summary Open Date Severity Version Resolution State Assigned To Submitted By
12148 Reflected XSS in Site Admin> Module Manager> Search Term 2019-09-19 Major 2.2.11 None Open Robert Campbell Chetan Madkam
12149 Stored cross-site scripting (XSS) in News > Add Article 2019-09-19 Major 2.2.11 None Open Nobody Neelima Bawa
12155 Remote code execution via file upload functionality 2019-09-21 Critical 2.3-beta7 Invalid Open Nobody Neelima Bawa
12156 Warnings using php 7.3 2019-09-21 Trivial 2.3-beta7 Fixed Open Nobody Kim Birkeland Skorgenes
12158 Navigator item prop has_children is always true when there is children 2019-09-25 Minor 2.2.10 Fixed Open Robert Campbell Tomas Amsrud
12172 CronJobTrait undefined constants 2019-10-18 Minor 2.2.12 Fixed Open Robert Campbell Chris Taylor
12191 Authenticated Remote code Execution 2019-11-15 Critical 2.2.12 Awaiting Response Open Robert Campbell Yosri Debaibi
12204 Deprecated glue string 2019-12-09 Trivial 2.3-beta7 Fixed Open Nobody Kim Birkeland Skorgenes
12205 Array and string offset access syntax with curly braces is deprecated 2019-12-09 Trivial 2.3-beta7 None Open Nobody Kim Birkeland Skorgenes
12226 Stored Cross-Site Scripting - CMS Made Simple 2.2.13 2019-12-22 None 2.2.13 Won't Fix Open Ruud van der Velden Guram Javakhishvili
12228 Stored Cross-Site Scripting - CMS Made Simple 2.2.13 2019-12-22 Critical 2.2.13 None Open Robert Campbell Guram Javakhishvili
12274 Cross-site Scripting (XSS) Stored within *.pxd extension files 2020-03-16 Critical 2.2.13 Awaiting Response Open Nobody Joshua Provoste
12275 Remote Code Execution (RCE) authenticated with crafted JPG files 2020-03-16 Critical 2.2.13 Awaiting Response Open Ruud van der Velden Joshua Provoste
12287 Admin shortcuts popup refers to IRC 2020-04-02 Trivial 2.2.14 Fixed Open Rolf Ruud van der Velden
12288 CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker. 2020-04-04 Minor 2.2.14 Fixed Open Ruud van der Velden ww
12291 Reflected Cross site scripting 2020-04-13 Major 2.2.13 Fixed Open Ruud van der Velden Jyoti Raval
12292 showbase parameter of metadata tag doesn't accept boolean value 2020-04-16 Trivial 2.2.14 Fixed Open Ruud van der Velden Ruud van der Velden
12305 Removing actual Destination Page breaks Destination Page dropdown in Internal Page Link pages 2020-05-04 Trivial 2.2.14 Fixed Open Ruud van der Velden Tristan
12311 log_performance_info - undefined variable: queries 2020-05-19 Minor Fixed Open Fernando Morgado Greg Prosser
12312 Stored XSS vulnerability in File Picker at CMSMS 2.2.14 and below 2020-05-26 Minor 2.2.14 Fixed Open Ruud van der Velden Binit Ghimire
12313 5 Stored XSS vulnerabilities in "Settings - Content Manager" under "Site Admin" in CMSMS Admin Console 2020-05-26 Minor 2.2.14 Fixed Open Ruud van der Velden Binit Ghimire
12317 XSS on Settings News Module 2020-05-29 Minor 2.2.14 Fixed Open Ruud van der Velden rahul gautam
12321 Cross Site Scripting Vulnerability on "Logic" via Content Manager feature in CMS Made Simple v2.2.14 2020-06-15 None 2.2.14 Won't Fix Open Nobody luuthehienhbit
12322 Cross Site Scripting Vulnerability on "Extra" via 'News > Article" feature in CMS Made Simple v2.2.14 2020-06-16 Minor 2.2.14 Fixed Open Fernando Morgado luuthehienhbit
12324 Cross Site Scripting Vulnerability on "Search" via "Module Manager" feature in CMS Made Simple v2.2.14 2020-06-18 Minor 2.2.14 Fixed Open Matt Hornsby (DIGI3) NamTV