2 matches found
CVE-2023-43872
A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting XSS...
CVE-2023-43872
CMS Made Simple 2.2.18 is affected by a file-upload vulnerability that lets a local attacker upload a PDF containing hidden XSS. Root cause: lack of validation of uploaded files. Impact indicators in the source describe cross-site scripting with low privileges and user interaction required, thoug...