CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1Referenceshttps://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content