Lucene search
HistoryJan 17, 2014 - 3:18 p.m.
CVE-2013-7243
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
66.4%
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already covered by CVE-2012-6621.
Affected configurations
Node
get-simplegetsimple_cmsMatch3.1.2
ORget-simplegetsimple_cmsMatch3.2.3
Related
prion
prion
Cross site scripting
2014-01-17 15:18:00
Cross site scripting
2014-01-16 21:55:00
Cross site scripting
2020-01-02 21:15:00
cvelist
cvelist
cve
cve
openvas
openvas
GetSimple CMS 3.1.x / 3.2.x Multiple Vulnerabilities
2014-01-21 00:00:00
exploitdb
exploitdb
GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS
2012-05-12 00:00:00
GetSimple CMS 3.1 admin/upload.php path Parameter XSS
2012-05-12 00:00:00
GetSimple CMS 3.1 admin/theme.php err Parameter Reflected XSS
2012-05-12 00:00:00
nvd
nvd
CVE-2012-6621
2014-01-16 21:55:08
CVE-2013-1420
2020-01-02 21:15:12
packetstorm
packetstorm
GetSimple CMS 3.1.2 / 3.2.3 Cross Site Scripting
2014-01-07 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
66.4%
Related for NVD:CVE-2013-7243