Cross site scripting

2017-06-1518:29:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?return_url=[XSS] exploitable as a regular or admin user.

CPENameOperatorVersion
simplecele2.3.0

CPE	Name	Operator	Version
	simplece	le	2.3.0

References

packetstormsecurity.com/files/142944/SimpleCE-2.3.0-Cross-Site-Request-Forgery-Cross-Site-Scripting.html