Cross-Site Scripting Vulnerability in CMSimple Classic by CMSimple
CVE-2014-2219

Currently unrated

Key Information:

Vendor

Cmsimple

Status
Cmsimple Classic
Vendor
CVE Published:
20 March 2014

What is CVE-2014-2219?

A cross-site scripting (XSS) vulnerability exists in the whizzywig/wb.php file within CMSimple Classic, affecting versions 3.54 and prior. This flaw enables remote attackers to inject arbitrary web scripts or HTML code via the 'd' parameter, potentially compromising user data and enabling a range of malicious activities. It is crucial for users of affected versions to update their installations to mitigate potential exploitation risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/531527/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/66312
vdb-entryx_refsource_BID
https://www.htbridge.com/advisory/HTB23205
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.