Page 4 of 26 results (0.003 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en los parámetros "Path for the {page_image} tag:" o "Path for thumbnail field:" en el módulo "Content Editing Settings" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar script web o HTML arbitrarios por medio de una carga útil diseñada introducida en el parámetro "Email address to receive notification of news submission" en el módulo "Options" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Category" del módulo "Categories" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Shortcut" del módulo "Manage Shortcuts" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

A cross-site scripting (XSS) vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts. Se ha detectado una vulnerabilidad de tipo cross-site scripting (XSS) en el panel del Administrador del módulo "Setting News" en CMS Made Simple versión 2.2.14, que permite a un atacante ejecutar scripts web arbitrarios • http://dev.cmsmadesimple.org/bug/view/12317 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •