Unrated severityNVD Advisory· Published Dec 23, 2025· Updated Apr 7, 2026
CMSimple 5.2 Stored Cross-Site Scripting via Filebrowser External Input
CVE-2021-47732
Description
CMSimple 5.2 contains a stored cross-site scripting vulnerability in the Filebrowser External input field that allows attackers to inject malicious JavaScript. Attackers can place unfiltered JavaScript code that executes when users click on Page or Files tabs, enabling persistent script injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/49751mitreexploit
- www.vulncheck.com/advisories/cmsimple-stored-cross-site-scripting-via-filebrowser-external-inputmitrethird-party-advisory
- www.cmsimple.org/en/mitreproduct
News mentions
0No linked articles in our index yet.