Cms Made Simple Security Vulnerabilities and Issues — Cms Made Simple CVE List

Lucene search

CmsmadesimpleCms Made Simple

11 matches found

CVE•added 2021/07/26 9:15 p.m.•73 views

CVE-2020-23241

Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.

4.8CVSS4.9AI score0.00507EPSS

CVE•added 2021/07/26 9:15 p.m.•55 views

CVE-2020-23240

Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.

4.8CVSS5.1AI score0.00507EPSS

CVE•added 2021/07/02 6:15 p.m.•54 views

CVE-2020-36414

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.

5.4CVSS5.2AI score0.00322EPSS

CVE•added 2021/07/02 6:15 p.m.•51 views

CVE-2020-36408

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.

5.4CVSS5.2AI score0.00305EPSS

CVE•added 2021/07/02 6:15 p.m.•49 views

CVE-2020-36412

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.

5.4CVSS5.2AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•49 views

CVE-2020-36415

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module.

5.4CVSS5.2AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•46 views

CVE-2020-36410

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module.

5.4CVSS5.2AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•45 views

CVE-2020-36409

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.

5.4CVSS5.2AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•45 views

CVE-2020-36411

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" modul...

5.4CVSS5.3AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•45 views

CVE-2020-36416

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module.

5.4CVSS5.2AI score0.00275EPSS

CVE•added 2021/07/02 6:15 p.m.•42 views

CVE-2020-36413

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module.

5.4CVSS5.2AI score0.00275EPSS