CMS Made Simple <= 2.1.6 Multiple XSS Vulnerabilities

CMS Made Simple is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-7256

CMS Made Simple (CMSMS) 2.1.6 contains a cross-site scripting (XSS) vulnerability in the Content→News→Add Article flow via the m1_summary parameter. The attack requires an authenticated user (login) to exploit the vulnerability. Affected component is the m1_summary parameter handling within the N...