CVE-2023-43358

CVE-2023-43358

EPSS 0.5%

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/sromanhu/CMSmadesimple-Stored-XSS---News https://github.com/sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News