3 matches found
CVE-2021-28977
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,...
CVE-2021-28977
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,...
CVE-2021-28977
GetSimpleCMS 3.3.16 is affected by a cross-site scripting vulnerability in admin/upload.php. The issue arises from injecting comments or file header data into content stored in xla, pages, and gzip files, enabling XSS. Multiple connected sources (including Red Hat, CNVD/CNNVD, OSV, CVE registry) ...