Unrated severityNVD Advisory· Published Dec 9, 2013· Updated Jun 16, 2026
CVE-2013-3929
CVE-2013-3929
Description
Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter.
Affected products
2- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.9:*:*:*:*:*:*:*
- Range: =1.11.9
Patches
Vulnerability mechanics
References
1- secunia.com/advisories/53920nvdVendor Advisory
News mentions
0No linked articles in our index yet.