WBCE CMS is an open source content management system (CMS) based on PHP and MySQL. version 1.5.2 of WBCE CMS contains a cross-site scripting vulnerability that can be exploited to cause a cross-site scripting (XSS) attack via the \admin\pages\sections_save.php namesection2 parameter.