CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Vulnrichment•added 2026/05/16 3:25 p.m.•7 views

CVE-2020-37238 CMS Made Simple 2.2.15 Stored XSS via SVG File Upload

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when othe...

6.4CVSS5.6AI score0.00034EPSS

Exploits0References4

Cvelist•added 2026/05/16 3:25 p.m.•32 views

CVE-2020-37238 CMS Made Simple 2.2.15 Stored XSS via SVG File Upload

6.4CVSS0.00034EPSS

Exploits0References4

CVE•added 2026/05/16 3:25 p.m.•11 views

CVE-2020-37238

CVE-2020-37238 affects CMS Made Simple 2.2.15. The vulnerability is a stored cross-site scripting (XSS) flaw in the file manager: authenticated Content Manager users can upload SVG files containing embedded JavaScript, which executes when other authenticated users view the uploaded file, enabling...

6.4CVSS5.6AI score0.00034EPSS

Exploits0References4