Vulnerabilities > GET Simple > Getsimple CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-27 | CVE-2022-1503 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS A vulnerability, which was classified as problematic, has been found in GetSimple CMS. | 5.4 |
| 2020-10-01 | CVE-2020-24861 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16 GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page | 5.4 |
| 2020-09-01 | CVE-2020-23839 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16 A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form. | 6.1 |
| 2020-01-02 | CVE-2013-1420 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter to filebrowser.php in admin/. | 6.1 |
| 2019-09-15 | CVE-2019-16333 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.15 GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php. | 5.4 |
| 2018-12-31 | CVE-2018-19845 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.12 There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325. | 5.4 |
| 2018-10-01 | CVE-2018-17835 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.15 An issue was discovered in GetSimple CMS 3.3.15. | 4.8 |
| 2018-09-01 | CVE-2018-16325 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.4.0.9 There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field. | 6.1 |
| 2018-08-25 | CVE-2018-15843 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.14 GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field. | 4.8 |
| 2018-04-02 | CVE-2018-9173 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.13 Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter. | 6.1 |