CVE-2018-19507
CMSimple 4.7.5 is affected by a stored/reflected XSS issue triggered by an admin request using the URI parameter ?file=config&action=array. The NVD entry indicates the vulnerability exists in the web application’s handling of user-supplied input, enabling HTML/script injection that can potentiall...