XSS Vulnerability in CMS Made Simple by CMS Made Simple
CVE-2020-23240

4.8MEDIUM

Key Information:

Vendor: Cmsmadesimple
Status: Cms Made Simple
Vendor: CVE Published:; 26 July 2021

🔔 Create Cmsmadesimple Vulnerability Alert

What is CVE-2020-23240?

This vulnerability allows an attacker to exploit a cross-site scripting flaw within the Logic field in the Content Manager of CMS Made Simple version 2.2.14. Successful exploitation could enable an attacker to execute arbitrary scripts in the context of the user’s browser, potentially compromising user data and session integrity. To mitigate this risk, it is crucial for users to update to the latest version of CMS Made Simple and follow best security practices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://dev.cmsmadesimple.org/bug/view/12321

x_refsource_MISC

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2021
Vulnerability Reserved
Aug 13, 2020

JSON

Cmsmadesimple

What is CVE-2020-23240?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.