2 matches found
CVE-2017-10673
admin/profile.php in GetSimple CMS 3.x has XSS in a name field...
CVE-2017-10673
CVE-2017-10673 affects GetSimple CMS 3.x; the admin/profile.php name field is vulnerable to cross-site scripting (XSS). The root cause is improper handling/escaping of the name value, enabling injection of arbitrary script/HTML. Impact is limited to contexts where the vulnerable profile name is r...