PHP.CMS.Made.Simple.Index.php.XSS
Description
It indicates a possible exploit of a Cross-Site Scripting vulnerability in CMS Made Simple. The script does not properly filter user-supplied HTML input in the "page" parameter before displaying the input. A specifically crafted URL provided by an attacker can cause the execution of arbitrary script.
Affected Products
CMS Made Simple CMS Made Simple 0.10
Impact
Disclosure or Modification of sensitive data
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |