Page 1 of 1

CMSimple 4.6.3 - Security Update

Posted: Mon Jun 06, 2016 4:20 pm
by cmb
Today CMSimple 4.6.3 has been released with the following note:
[…], a smaller security gap has been eliminated, so an update is recommended.
Has anybody further information about this vulnerability; especially, is CMSimple_XH affected as well? Would be good to know to provide a security update as well, but I'm not able to find a vulnerability from looking at the diff.

Re: CMSimple 4.6.3 - Security Update

Posted: Thu Jun 09, 2016 11:47 am
by cmb
Thanks to Holger and Gert I'm now aware of the issue. At least for CMSimple_XH 1.6.7 that is not a vulnerability – so no need to worry. It still is a bug, so I'll follow up in the Bugs forum.