Medium severity6.1NVD Advisory· Published Sep 1, 2020· Updated Jun 17, 2026
CVE-2020-23839
CVE-2020-23839
Description
A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GetSimple/GetSimple CMSdescription
- Range: = 3.3.16
Patches
Vulnerability mechanics
References
3- github.com/GetSimpleCMS/GetSimpleCMS/issues/1330nvdExploitThird Party Advisory
- packetstormsecurity.com/files/162016/GetSimple-CMS-3.3.16-Cross-Site-Scripting-Shell-Upload.htmlnvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/49726nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.