CVE-2018-5965
CMS Made Simple (CMSMS) 2.2.5 exposes a Cross-Site Scripting (XSS) vulnerability in admin/moduleinterface.php via the m1_errors parameter. The root cause, as stated, is unvalidated input being reflected, enabling script injection in the context of the admin interface. Public references in the con...