2 matches found
CVE-2019-17629
CMS Made Simple CMSMS 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager upload images" screen...
CVE-2019-17629
CMS Made Simple (CMSMS) 2.2.11 is affected by a stored cross‑site scripting (XSS) flaw. An admin can inject malicious content via a crafted image filename in the file manager > upload images screen, which is stored and later rendered in the application. The root cause is not explicitly detaile...