2 matches found
CMS Made Simple <= 2.1.6 Multiple XSS Vulnerabilities
CMS Made Simple is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-7255
CVE-2017-7255 describes a cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6, triggered in the Content→News→Add Article workflow via the m1_title parameter. Affected software is CMSMS; the issue is a reflected/stored XSS caused by unsanitized input in the m1_title field, wi...