Medium severity6.1OSV Advisory· Published Apr 2, 2018· Updated Jun 17, 2026
CVE-2018-9173
CVE-2018-9173
Description
Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: v3.1.1, v3.1.2, v3.2.1, …
- Range: = 3.3.13
Patches
Vulnerability mechanics
References
2- www.exploit-db.com/exploits/44408/nvdExploitThird Party AdvisoryVDB Entry
- github.com/GetSimpleCMS/GetSimpleCMS/issues/1266nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.