CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-7243

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already covered by CVE-2012-6621.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/101922
http://packetstormsecurity.com/files/124711
https://exchange.xforce.ibmcloud.com/vulnerabilities/90191
http://osvdb.org/101922
http://packetstormsecurity.com/files/124711
https://exchange.xforce.ibmcloud.com/vulnerabilities/90191

Products affected by CVE-2013-7243

Get-Simple » Getsimple Cms » Version: 3.1.2

cpe:2.3:a:get-simple:getsimple_cms:3.1.2
Get-Simple » Getsimple Cms » Version: 3.2.3

cpe:2.3:a:get-simple:getsimple_cms:3.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-7243

Products

Pricing

Contact Us