PHP.CMS.Made.Simple.Index.php.XSS

description-logoDescription

It indicates a possible exploit of a Cross-Site Scripting vulnerability in CMS Made Simple. The script does not properly filter user-supplied HTML input in the "page" parameter before displaying the input. A specifically crafted URL provided by an attacker can cause the execution of arbitrary script.

affected-products-logoAffected Products

CMS Made Simple CMS Made Simple 0.10

Impact logoImpact

Disclosure or Modification of sensitive data

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)