Get-Simple: >> Getsimple Cms >> 3.3.16 Security Vulnerabilities
GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.
CVSS Score
9.8
EPSS Score
0.643
Published
2022-10-18
GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page
CVSS Score
5.4
EPSS Score
0.004
Published
2020-10-01
A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.
CVSS Score
6.1
EPSS Score
0.14
Published
2020-09-01