CMS Made Simple Cross-Site Scripting Vulnerability

CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based permission management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMS Made Simple v.2.2.18,...

OpenSolution Quick CMS Cross-Site Scripting Vulnerability

OpenSolution Quick CMS is a free content management system from the OpenSolution organization. A security vulnerability exists in OpenSolution Quick CMS version v.6.7, which stems from a cross-site scripting XSS vulnerability in the component Languages Menu...

CVE-2023-43345

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component...

PT-2023-28804 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMSmadesimple version 2.2.18 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component...

CVE-2023-43344

CVE-2023-43344 concerns OpenSolution Quick CMS v6.7. The vulnerability is a Cross-Site Scripting (XSS) flaw in the SEO - Meta description field of the Pages Menu component, allowing a local attacker to execute arbitrary script via a crafted payload. Root cause reported across sources is insuffici...

CVE-2023-43344

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component...

CVE-2023-43359

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component...

OpenSolution Quick CMS 跨站脚本漏洞

OpenSolution Quick CMS is a free content management system organized by OpenSolution. A cross-site scripting vulnerability exists in OpenSolution Quick CMS v6.7, which stems from the lack of effective filtering and escaping of user-supplied data in the SEO - Meta description parameter of the Page...

CVE-2023-43345

OpenSolution Quick CMS 6.7 is affected by a stored XSS in the Pages Menu component, triggered by crafting the Content - Name parameter. The vulnerability allows a local attacker to execute arbitrary code via the injected script, with impact on confidentiality, integrity, and availability as per t...

GHSA-J5GV-W838-MMCX Liferay Portal and Liferay DXP Vulnerable to XSS via the Page Tree Menu

Stored cross-site scripting XSS vulnerability in Page Tree menu in Liferay Layout Implementation before 6.0.102 from Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via...

Liferay Portal and Liferay DXP Vulnerable to XSS via the Page Tree Menu

Stored cross-site scripting XSS vulnerability in Page Tree menu in Liferay Layout Implementation before 6.0.102 from Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via...

CVE-2023-44310

Stored cross-site scripting XSS vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...

CVE-2023-44310

Stored cross-site scripting XSS vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...

CVE-2023-44310

CVE-2023-44310 is a stored XSS vulnerability in the Page Tree menu affecting Liferay Portal 7.3.6–7.4.3.78 and Liferay DXP 7.3 (fix pack 1 through Update 23 ) and 7.4 (before Update 79 ). An attacker can inject arbitrary scripts via a crafted payload into a page’s Name field, enabling script exec...

Liferay Portal and Liferay DXP Cross-Site Scripting Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

PT-2023-29204 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.6 through 7.4.3.78 Liferay DXP versions 7.3 fix pack 1 through update 23 Liferay DXP version 7.4 before update 79 Description: A stored cross-site scripting XSS issue in the Page Tree menu allows remote attackers t...

RiteCMS Cross-Site Scripting Vulnerability (CNVD-2026-05345)

RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary code in the Main Menu Items of the Administration Menu via a specially crafted payload...

RiteCMS Cross-Site Scripting Vulnerability (CNVD-2026-05346)

RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary code via a specially crafted payload in Global Content Blocks in the Administration Menu...

CVE-2023-43343

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...

CVE-2023-43343

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...