CVE-2010-1482

2010-05-1215:00:00

mitre

www.cve.org

cve-2010-1482

cross-site scripting

cms made simple

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

60.2%

JSON

Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (CMSMS) before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the date_format_string parameter.

References

blog.cmsmadesimple.org/2010/05/01/announcing-cms-made-simple-1-7-1-escade/

int21.de/cve/CVE-2010-1482-cmsmadesimple-xss-backend.html

www.securityfocus.com/archive/1/511178

www.securityfocus.com/bid/39997