Vulnerabilities > Cmsimple > Cmsimple > 4.7.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-19 | CVE-2018-19508 | Cross-site Scripting vulnerability in Cmsimple 4.7.5 CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI. | 3.5 |
| 2018-12-19 | CVE-2018-19507 | Cross-site Scripting vulnerability in Cmsimple 4.7.5 CMSimple 4.7.5 has XSS via an admin's use of a ?file=config&action=array URI. | 3.5 |