3 matches found
CVE-2019-10017
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker...
CVE-2019-10017
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker...
CVE-2019-10017
CVE-2019-10017 affects CMS Made Simple 2.2.10, where a cross-site scripting (XSS) flaw is triggered via the moduleinterface.php Name field during the File Picker’s "Add a new Profile" flow. The issue is documented across multiple feeds (NVD, Red Hat, CNVD, CVE lists) with consistent description: ...