2 matches found
CVE-2023-43353
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component...
CVE-2023-43353
CMS Made Simple 2.2.18 is affected by a Cross-Site Scripting vulnerability in the News menu component’s extra parameter that can lead to arbitrary code execution. The issue is documented across multiple sources with PoC availability and a low-to-moderate CVSS (NVD base 5.4; AV:N/AC:L/PR:L/UI:R/S:...