CMS Made Simple Forums

All the forms on my site are showing an XSS attempt error on submission. They were working, not sure what changed to prevent them from working.

I have tried to remove cache and I removed the CSRF field from one of the forms but nothing changed.

CMSMS Version 2.2.15
CMSMailer 6.2.14
FormBuilder 1.1

I only run into this when trying to resend the form (refresh page) or sending too often within short time periods (what happens while developing, but not regulary).
I came to the idea it could have issues with the cookies … especially the admin-cookies … because, when I used another Browser (developing with Firefox switching to Chrome or vice versa) in incognito mode, it worked every single time without a single error.

Hence the most important question was for me: Will the user run into an error too?
And as far I could tell: No, he probalby won't.
If I can avoid errors by browsing incognito, it'll probably work for the user too.

This new feature is probably really nice … however I'd really wish I could track the number of such errors.
While the URL is not different at all, and also I could not find any kind of adjustable content* where I could place an UDT (for example, to increment a number in a text file or set up a log) I thought this may be tricky to trust.

* Altering the translation file is maybe not best practise. Also I don't know if I could run PHP oder Smarty from a translation variable.

I was finally able to reproduce this issue... it's fixed in SVN and I'll release the new version as soon as I have some time to cut it. Thanks.

Jo Morg wrote: ↑Thu Jan 07, 2021 8:54 pm I was finally able to reproduce this issue... it's fixed in SVN and I'll release the new version as soon as I have some time to cut it. Thanks.

Did you find any time to update this
I got the same issue on my end today.

Hi, I came across this issue today. Any idea on when the new release may come?

I will do some more minor fixes and tests and will release a new version this week.