CVE-2020-22732

CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker..