CVE-2017-10673
CVE-2017-10673 affects GetSimple CMS 3.x; the admin/profile.php name field is vulnerable to cross-site scripting (XSS). The root cause is improper handling/escaping of the name value, enabling injection of arbitrary script/HTML. Impact is limited to contexts where the vulnerable profile name is r...