Page 1 of 1

Announcing CMSMS 1.11.2.1

Posted: Wed Oct 17, 2012 10:01 pm
by calguy1000
Today we received notification of a security vulnerability in all versions of CMS Made Simple up to and including CMSMS 1.11.2

This vulnerability allows authorized administrators to affect files on remote hosts in situations where files are owned by a shared httpd process owner (such as apache or httpd or web etc).

So upon analysis of the situation a small fix was made to ImageManager to solve this issue resulting in CMSMS 1.11.2.1

We recommend all users upgrade their installs of CMS Made Simple to 1.11.2.1 as soon as possib.

In accordance with our support policy, the two supported versions of CMSMS are 1.11.2 and 1.11.2.1

Thank you for your time, and please upgrade your sites as soon as possible.