Composr Issue Tracker
Welcome to the issue tracker! Here, you can view reported software issues.All users are encouraged to report software issues or suggestions to the tracker. You will be awarded points for each issue you report that gets completed by someone.
Developers are encouraged to go through the tracker and implement issues. You will receive points for issues you implement. Prioritise issues in the following order:
- Security issues
- Major issues
- Minor issues
- Trivial issues
- Feature requests
- Be aware this requires you create a measure for voting, and you achieve a simple majority, before implementing into core code. This is not necessary for non-bundled addons.
Please read our providing feedback tutorial page before reporting an issue.
Click here to view the full issue tracker catalogue.
Click here to report an issue or suggestion.
Search tracker issues
Open issues
| Identifier | Issue type | Title | Status | Funded? | |
|---|---|---|---|---|---|
| #5477 | Feature request or suggestion | Voting power: have a choice between points balance and life-time points | Open | No | View |
| #5479 | Feature request or suggestion | Permission products do not account for themes, etc | Open | No | View |
| #5480 | Feature request or suggestion | Rewrite do_lang and do_lang_tempcode to not ignore params when previous params are null | Open | No | View |
| #5485 | Minor issue (breaks specific functionality) | Trying to pass a string into delete_lang | Open | No | View |
| #5486 | Feature request or suggestion | See if we can be smarter about DNS lookup | Open | No | View |
| #5487 | Minor issue (breaks specific functionality) | Health check: HTTPS and WWW redirection fail if using status 200 | Open | No | View |
| #5489 | Major issue (breaks an entire feature) | Make release: tar on Windows 11 "option --force-local is not supported" | Open | No | View |
| #5490 | Trivial issue (does not break functionality) | comcode_to_text: Comcode not stripping newlines from inside tags when test indicates we expect it to | Open | No | View |
| #5491 | Minor issue (breaks specific functionality) | Geocoding now requires Billing to be enabled on Google Cloud | Open | No | View |
| #5495 | Minor issue (breaks specific functionality) | xhtml_substr failing; spoiling attachments | Open | No | View |
Completed issues
| Identifier | Issue type | Title | Status | Funded? | |
|---|---|---|---|---|---|
| #4633 | Security issue (exploit in Composr) | Reflected Cross Site Scripting (XSS) | Completed | No | View |
| #4653 | Security issue (exploit in Composr) | Strip GPS EXIF data by default | Completed | No | View |
| #4668 | Security issue (exploit in Composr) | stored XSS | Completed | No | View |
| #4697 | Security issue (exploit in Composr) | Fix issues in TLS mailer connection | Completed | No | View |
| #4762 | Security issue (exploit in Composr) | Critical Security Vulnerability in Composr CMS | Completed | No | View |
| #4765 | Security issue (exploit in Composr) | Gallery items set as Members only outputs thumbnails for Guests | Completed | No | View |
| #4836 | Security issue (exploit in Composr) | Spammers may create new themes | Completed | No | View |
| #4846 | Security issue (exploit in Composr) | Installers are vulnerable to bot attack | Completed | No | View |
| #5144 | Security issue (exploit in Composr) | Potential cross-site scripting vulnerability in shopping / update_cart | Completed | No | View |
| #5155 | Security issue (exploit in Composr) | CSP: Missing clickjacking protection | Completed | No | View |
