← back
CVE-2010-1482

CVE-2010-1482

EPSS 1.1%
Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (CMSMS) before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the date_format_string parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://blog.cmsmadesimple.org/2010/05/01/announcing-cms-made-simple-1-7-1-escade/http://int21.de/cve/CVE-2010-1482-cmsmadesimple-xss-backend.htmlhttp://www.securityfocus.com/archive/1/511178http://www.securityfocus.com/bid/39997