Security Advisory

CVE-2018-17835

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-01 08:00:00

Last updated 2024-08-05 10:54:10

Assigner mitre

State PUBLISHED

Description

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI.

← Browse all CVEs View on cve.org ↗