Composr Issue Tracker
Welcome to the issue tracker! Here, you can view reported software issues.All users are encouraged to report software issues or suggestions to the tracker. You will be awarded points for each issue you report that gets completed by someone.
Developers are encouraged to go through the tracker and implement issues. You will receive points for issues you implement. Prioritise issues in the following order:
- Security issues
- Major issues
- Minor issues
- Trivial issues
- Feature requests
- Be aware this requires you create a measure for voting, and you achieve a simple majority, before implementing into core code. This is not necessary for non-bundled addons.
Please read our providing feedback tutorial page before reporting an issue.
Click here to view the full issue tracker catalogue.
Click here to report an issue or suggestion.
Search tracker issues
Open issues
| Identifier | Issue type | Title | Status | Funded? | |
|---|---|---|---|---|---|
| #6159 | Feature request or suggestion | Refactor database for validation addon | Open | No | View |
| #6160 | Trivial issue (does not break functionality) | Scalability considerations for block_side_stats | Open | No | View |
| #5819 | Trivial issue (does not break functionality) | MySQL: 'utf8' will be an alias of utf8mb4 in future release | Open | No | View |
| #5818 | Trivial issue (does not break functionality) | Undefined variable $FORUM_DB in get_db_for (in the if condition) | Open | No | View |
| #5816 | Trivial issue (does not break functionality) | Database and mail poison for get_value_newer_than on missing resource | Open | No | View |
| #5815 | Feature request or suggestion | Reduce disk checks for error log | Open | No | View |
| #5813 | Minor issue (breaks specific functionality) | Potentially risky wildcard default-src CSP set on several pages | Open | No | View |
| #5808 | Feature request or suggestion | Site admins may not be aware separate site zone locks tickets for all guests | Open | No | View |
| #5805 | Trivial issue (does not break functionality) | Broken calendar icons on upgrade from v10 | Open | No | View |
| #5797 | Feature request or suggestion | Date selection frustrating to use on Android (can only easily jump by month, not year) | Open | No | View |
Completed issues
| Identifier | Issue type | Title | Status | Funded? | |
|---|---|---|---|---|---|
| #3876 | Security issue (exploit in Composr) | XSS vulnerability via mime sniffing on .dat files | Completed | No | View |
| #3887 | Security issue (exploit in Composr) | Information leak on IIS | Completed | No | View |
| #4008 | Security issue (exploit in Composr) | Backups should be given reduced privileges | Completed | No | View |
| #4076 | Security issue (exploit in Composr) | Security error in parameterised queries | Completed | No | View |
| #4095 | Security issue (exploit in Composr) | Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting | Completed | No | View |
| #4101 | Security issue (exploit in Composr) | Incorrect escaping of field labels (esp usergroup names) | Completed | No | View |
| #4157 | Security issue (exploit in Composr) | XSS if showing topics via main_multi_content block | Completed | No | View |
| #4202 | Security issue (exploit in Composr) | XSS hole in non-bundled image_slider addon | Completed | No | View |
| #4391 | Security issue (exploit in Composr) | main_multi_content block not respecting validation | Completed | No | View |
| #4632 | Security issue (exploit in Composr) | Image Filter Bypass Leads Remote Code Execution [Mass-add to gallery] | Completed | No | View |