Security Advisory

CVE-2021-47919

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-01 12:15:50
Last updated 2026-03-05 01:29:19
Assigner VulnCheck
State PUBLISHED

Description

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php files id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.