Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-16T21:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2014-01-16T00:00:00
Link: CVE-2012-6621
JSON object: View
NVD Information
Status : Modified
Published: 2014-01-16T21:55:08.487
Modified: 2018-10-30T16:27:48.420
Link: CVE-2012-6621
JSON object: View
Redhat Information
No data.
CWE