Medium severity5.4NVD Advisory· Published Mar 9, 2017· Updated Jun 17, 2026
CVE-2017-6556
CVE-2017-6556
Description
Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field.
Affected products
1- cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1.6:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- www.daimacn.comnvdExploitThird Party Advisory
- www.securityfocus.com/bid/96933nvd
News mentions
0No linked articles in our index yet.