Cross Site Scripting Vulnerability in GetSimple CMS by NING0121
CVE-2023-51246
5.4MEDIUM
What is CVE-2023-51246?
A Cross Site Scripting (XSS) vulnerability exists in GetSimple CMS version 3.3.16 when backend users utilize Source Code Mode to add articles via the /admin/edit.php page. This flaw allows attackers to inject malicious scripts, potentially compromising user data or manipulating website content. It's crucial for users of this version to adopt protective measures and stay informed about updates that address this vulnerability.
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published