2 matches found
CVE-2024-33423
Cross-Site Scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section...
CVE-2024-33423
CMSimple v5.15 is affected by a Cross-Site Scripting (XSS) vulnerability in the Settings menu, specifically via the Logout parameter under Language. The root cause is insufficient input filtering, allowing an attacker to inject arbitrary web scripts/HTML. Consequences could include script executi...