Vulnerabilities > GET Simple > Getsimple CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-29 | CVE-2017-10673 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS admin/profile.php in GetSimple CMS 3.x has XSS in a name field. | 6.1 |
| 2017-03-17 | CVE-2014-8723 | Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4 GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message. | 5.3 |