Cmsmadesimple » Cms Made Simple » 2.2.8 : Security Vulnerabilities, CVEs, Published In 2018 (XSS)
There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response contains the user's previously entered email address.
Max CVSS
6.1
EPSS Score
0.09%
Published
2018-12-25
Updated
2019-01-10
CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-12-19
Updated
2019-02-26
2 vulnerabilities found