Vulnerabilities > Cmsimple > Cmsimple > 5.4

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-13	CVE-2021-43741	Path Traversal vulnerability in Cmsimple 5.4 CMSimple 5.4 is vulnerable to Directory Traversal. network low complexity cmsimple CWE-22 critical	9.8
2022-04-13	CVE-2021-43742	Cross-site Scripting vulnerability in Cmsimple 5.4 CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature. network low complexity cmsimple CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.