CVE-2013-4167
Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Date published : 2013-10-11
http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=66590&p=299356