CVE-2013-4167

Cmsmadesimple Cms Made Simple < 1.11.6 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (4)

[Various Sources] http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=66590&p=299356

[Various Sources] https://twitter.com/LeakFree/status/336942367351394305

[Mailing List] http://www.openwall.com/lists/oss-security/2013/07/21/1

[Mailing List] http://www.openwall.com/lists/oss-security/2013/07/25/7

Scores

EPSS 0.0029

EPSS Percentile 51.7%

Details

CWE

CWE-79

Status published

Products (9)

cmsmadesimple/cms_made_simple < 1.11.6

cmsmadesimple/cms_made_simple

n/a/n/a

Published Oct 11, 2013

Tracked Since Feb 18, 2026