The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1_files[] to admin/moduleinterface.php.Referenceshttp://dev.cmsmadesimple.org/bug/view/12274
