2.1.6

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-24	CVE-2017-7257	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. network low complexity cmsmadesimple CWE-79	5.4
2017-03-24	CVE-2017-7256	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. network low complexity cmsmadesimple CWE-79	5.4
2017-03-24	CVE-2017-7255	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. network low complexity cmsmadesimple CWE-79	5.4
2017-03-09	CVE-2017-6556	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field. network low complexity cmsmadesimple CWE-79	5.4
2017-03-09	CVE-2017-6555	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.1.6 Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description parameter (aka "Design Manager > Categories > Category Description"). network low complexity cmsmadesimple CWE-79	5.4