VYPR
Unrated severityNVD Advisory· Published Dec 19, 2018· Updated Aug 5, 2024

CVE-2018-19508

CVE-2018-19508

Description

CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI.

Affected products

2
  • Cmsimple/Cmsimpleinferred2 versions
    <=4.7.5+ 1 more
    • (no CPE)range: <=4.7.5
    • (no CPE)range: = 4.7.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.