CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23240
https://notcve.org/view.php?id=CVE-2020-23240
26 Jul 2021 — Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en CMS Made Simple versión 2.2.14 por medio del campo Logic en la funcionalidad Content Manager • http://dev.cmsmadesimple.org/bug/view/12321 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36416
https://notcve.org/view.php?id=CVE-2020-36416
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Create a new Design" en el módul... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36415
https://notcve.org/view.php?id=CVE-2020-36415
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Create a new Stylesheet"... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36414
https://notcve.org/view.php?id=CVE-2020-36414
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en los campos "URL (slug)" o "Extra" en la fu... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36413
https://notcve.org/view.php?id=CVE-2020-36413
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36412
https://notcve.org/view.php?id=CVE-2020-36412
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el campo "Search Text" del módulo "Admin Search" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36411
https://notcve.org/view.php?id=CVE-2020-36411
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada i... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36410
https://notcve.org/view.php?id=CVE-2020-36410
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar script web o HTML arbitrarios por medio de una carga útil diseñada introducida en el paráme... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36409
https://notcve.org/view.php?id=CVE-2020-36409
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Category" del módulo "Categories... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36408
https://notcve.org/view.php?id=CVE-2020-36408
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Shortcut" del módulo "Mana... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •