Medium severity4.8OSV Advisory· Published Oct 1, 2018· Updated Jun 17, 2026
CVE-2018-17835
CVE-2018-17835
Description
An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 3.3.12, 3.3.15, v3.1.1, …
- Range: =3.3.15
Patches
Vulnerability mechanics
References
1- github.com/GetSimpleCMS/GetSimpleCMS/issues/1298nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.