Cms Made Simple@2.2.19 Security Vulnerabilities and Issues — Cms Made Simple@2.2.19 CVE List

Lucene search

CmsmadesimpleCms Made Simple2.2.19

3 matches found

CVE•added 2024/03/05 2:15 p.m.•77 views

CVE-2024-27623

CMS Made Simple version 2.2.19 is vulnerable to Server-Side Template Injection (SSTI). The vulnerability exists within the Design Manager, particularly when editing the Breadcrumbs.

5.9CVSS9.4AI score0.00034EPSS

CVE•added 2024/03/05 2:15 p.m.•58 views

CVE-2024-27622

A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This vulnerability arises from inadequate sanitization of user-supplied input in the 'Code' section of the module. As a result, authenticated users with administrati...

7.2CVSS9.7AI score0.02651EPSS

CVE•added 2024/03/05 2:15 p.m.•51 views

CVE-2024-27625

CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting (XSS). This vulnerability resides in the File Manager module of the admin panel. Specifically, the issue arises due to inadequate sanitization of user input in the "New directory" field.

4.8CVSS9AI score0.00057EPSS