You probably have read Alex Jumašev's article: Target="_blank" - the most underestimated vulnerability ever. If not, you should!
Opening a bad link at your site using target="_blank" can give the target website partial access to the browser tab your website is in. It can redirect to a fake page asking to i.e. re-enter your Paypal or Facebook password. This problem is a general HTML issue, not a problem within CMSMS™!
There are few methods to prevent this vulnerability using CMS Made Simple™.
Do I need to explain this more...
In a large website it can be hard to change all links in the content...
This postfilter will automaticly add the rel="noopener noreferrer" tag to all links using target="_blank".
Create a file named postfilter.noopener.php and store it in the CMSMS [root_url]/plugins/ folder.
The content of the file is:
Important note: This method isn't flawless but better than nothing.
Let me know if it works at your website and if I need to make some changes.
The plugins folder, has been moved in 2.x version of cmsms.
Idk if this works if you move it to the "assets/plugins" folder.