Cross-Site Scripting (XSS) vulnerability in the Settings...
High severity
Unreviewed
Published
May 1, 2024
to the GitHub Advisory Database
•
Updated Jul 3, 2024
Description
Published by the National Vulnerability Database
May 1, 2024
Published to the GitHub Advisory Database
May 1, 2024
Last updated
Jul 3, 2024
Cross-Site Scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section.
References