CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature.
References
Link | Resource |
---|---|
https://github.com/iiSiLvEr/CMSimple5.4-Vulnerabilities | Broken Link |
https://github.com/iiSiLvEr/CVEs/tree/main/CVE-2021-43742 | Exploit Third Party Advisory |
Configurations
Information
Published : 2022-04-13 06:15
Updated : 2022-08-05 20:20
NVD link : CVE-2021-43742
Mitre link : CVE-2021-43742
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cmsimple
- cmsimple