CVE-2013-3929

Cmsmadesimple Cms Made Simple - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter.

References (1)

[Vendor Advisory] http://secunia.com/advisories/53920

Scores

EPSS 0.0019

EPSS Percentile 40.0%

Details

CWE

CWE-79

Status published

Products (2)

cmsmadesimple/cms_made_simple

n/a/n/a

Published Dec 09, 2013

Tracked Since Feb 18, 2026