NotCVE - vendor:"Cmsmadesimple" product:"Cmsmadesimple" version:"2.2.3.1"

1 results (0.010 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-16799

https://notcve.org/view.php?id=CVE-2017-16799

In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1_name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882. En CMS Made Simple 2.2.3.1, en modules/New/action.addcategory.php, Cross-Site Scripting (XSS) persistente es posible mediante el parámetro m1_name en admin/moduleinterface.php a la hora de añadir una categoría. Esta es una vulnerabilidad relacionada con CVE-2010-3882. • https://github.com/bsmali4/cve/blob/master/CMS%20Made%20Simple%20Stored%20XSS.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •