Has anybody further information about this vulnerability; especially, is CMSimple_XH affected as well? Would be good to know to provide a security update as well, but I'm not able to find a vulnerability from looking at the diff.[…], a smaller security gap has been eliminated, so an update is recommended.
CMSimple 4.6.3 - Security Update
CMSimple 4.6.3 - Security Update
Today CMSimple 4.6.3 has been released with the following note:
Christoph M. Becker – Plugins for CMSimple_XH
Re: CMSimple 4.6.3 - Security Update
Thanks to Holger and Gert I'm now aware of the issue. At least for CMSimple_XH 1.6.7 that is not a vulnerability – so no need to worry. It still is a bug, so I'll follow up in the Bugs forum.
Christoph M. Becker – Plugins for CMSimple_XH