2 matches found
CVE-2020-36408
A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module...
CVE-2020-36408
CMS Made Simple 2.2.14 is affected by a stored XSS via the Add Shortcut field in the Manage Shortcuts module. Exploitation requires authentication, enabling attackers to inject and execute arbitrary web scripts or HTML in the context of the affected site. Affected product/version: CMS Made Simple...