-
Hi team,
It was observed that GetSimpleCMS 3.3.5 is vulnerable to persistent XSS. If you add any new page and in the edit page header & body if you pass the payload and save, it gets executed for all…
-
PHP's `strip_tags` doesn't remove the code inside `...` and `...` that may be in the post content, so it's displayed in excerpts.
I noticed this long ago, but I forgot to note the issue. John Stray h…
-
Refactor all fileio operations through wrapper functions.
Added fileio debugging.
See pull request #897
-
`GSNOFRAME` != false
sets header x-frame deny
-
I am already aware of #1046 and I have applied your commit to by getsimpleCMS before using it (I guess according to your fix, I only need to change `admin/changedata.php` and `security_functions.php`)…
-
Discovered when a site this plugin is used on shared a link on Facebook
-
There is a conflict with theme functions _getPageContent_ and _returnPageContent_, available since GS 3.1. They run the _content_ filter to echo/return their result, same filter used by NM to insert i…
-
Hi,
I test getSimple CMS 3.3.b3 and I get an error 500 when I want to open a file on /data/uploads/.
When I remove this line :
php_flag engine off
in .htaccess, there is no error. What happen ?
PH…
-
reported by Gooos
http://forum.getsimplecms.ru/viewtopic.php?pid=3627#p3627
-
If a page has no 'Meta Description' set and `GSAUTOMETAD` is true, then any page which contains inline `` tags will pollute the 'Meta Description' with CSS declarations. The same situation applies wit…