Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.php.
AV:N/AC:M/Au:N/C:N/I:P/A:N
14/05/2014
by Get-Simple
2 years ago
by Cagintranetworks
7 years ago