CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News > Add Article" screen.Referenceshttps://forum.cmsmadesimple.org/viewforum.php?f=1http://dev.cmsmadesimple.org/bug/view/12149
