Security Advisory

CVE-2019-9058

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-26 16:40:52

Last updated 2024-08-04 21:38:46

Assigner mitre

State PUBLISHED

Description

An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm.php, it is possible to send a crafted value in the sel_groups parameter that leads to authenticated object injection.

← Browse all CVEs View on cve.org ↗