Gpeasy: >> Gpeasy Cms >> 2.3.3 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php.
CVSS Score
4.3
EPSS Score
0.134
Published
2014-03-28
Cross-site scripting (XSS) vulnerability in index.php/Admin_Preferences in gpEasy CMS 2.3.3 allows remote attackers to inject arbitrary web script or HTML via the jsoncallback parameter.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-01-24