Hi, Glad to inform you two different issue we reported in CMS Made Simple Script. Here are the details: Affected Software : CMS Made Simple Affected Versions: Tested on 2.1.6 Vendor Homepage : http://ift.tt/YBoyO4 Vulnerability Type : Server-Side Template Injection Severity : Important Status : Fixed CVE-ID : CVE-2017-16783 CVSS Base Score (3.0) :9.8 CVSS Vector String(3.0): AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Netsparker Advisory Reference : NS-17-32 Detailed write up: http://ift.tt/2k5MAWZ For more information: http://ift.tt/2yWzu4S Affected Software : CMS Made Simple Affected Versions: 2.2.2 Homepage : http://ift.tt/YBoyO4 Vulnerability Type : Reflected XSS Severity : Important Status : Fixed CVE-ID : CVE-2017-16784 CVSS Base Score (3.0) :6.3 CVSS Vector String(3.0): AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Netsparker Advisory Reference : NS-17-31 Proof of concept write up: http://ift.tt/2k5MAWZ Fore more information: http://ift.tt/2yWBuu7
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment