Pixelimity cross-site scripting vulnerability

Pixelimity is a PHP-based CMS Content Management System.A cross-site scripting vulnerability exists in Pixelimity version 1.0, which stems from a lack of data validation filtering of user-supplied and output data in the Title field of admin/pages.php. An attacker could exploit the vulnerability t...

Cross site scripting

A stored cross-site scripting XSS vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=addnew...

CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

CVE-2018-17835

GetSimple CMS 3.3.15 is affected by CVE-2018-17835. The issue is a stored XSS: an administrator can inject malicious payload via the admin/settings.php Custom Permalink Structure parameter, which then contaminates any page created at the admin/pages.php URI. The vulnerability is rooted in imprope...