CVE-2010-3882: XSS
First published: Fri Oct 08 2010(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Category, (6) Add Field Definition, or (7) Add Shortcut module.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Simple CMS | <=1.7.1 | |
| Simple CMS | =0.10 | |
| Simple CMS | =0.10.3 | |
| Simple CMS | =0.10.4 | |
| Simple CMS | =0.11 | |
| Simple CMS | =0.11-beta5 | |
| Simple CMS | =0.11-beta6 | |
| Simple CMS | =0.11.1 | |
| Simple CMS | =0.11.2 | |
| Simple CMS | =0.12 | |
| Simple CMS | =0.12-beta1 | |
| Simple CMS | =0.12-beta2 | |
| Simple CMS | =0.12.1 | |
| Simple CMS | =0.12.2 | |
| Simple CMS | =0.13-beta1 | |
| Simple CMS | =0.13-beta2 | |
| Simple CMS | =0.13-beta3 | |
| Simple CMS | =1.0 | |
| Simple CMS | =1.0-beta1 | |
| Simple CMS | =1.0-beta2 | |
| Simple CMS | =1.0-beta3 | |
| Simple CMS | =1.0-beta4 | |
| Simple CMS | =1.0-beta5 | |
| Simple CMS | =1.0-beta6 | |
| Simple CMS | =1.0.1 | |
| Simple CMS | =1.0.2 | |
| Simple CMS | =1.0.3 | |
| Simple CMS | =1.0.4 | |
| Simple CMS | =1.0.5 | |
| Simple CMS | =1.0.6 | |
| Simple CMS | =1.0.7 | |
| Simple CMS | =1.0.8 | |
| Simple CMS | =1.1 | |
| Simple CMS | =1.1-rc1 | |
| Simple CMS | =1.1-rc2 | |
| Simple CMS | =1.1-rc3 | |
| Simple CMS | =1.1.1 | |
| Simple CMS | =1.1.2 | |
| Simple CMS | =1.1.3.1 | |
| Simple CMS | =1.1.4.1 | |
| Simple CMS | =1.2 | |
| Simple CMS | =1.2-beta1 | |
| Simple CMS | =1.2-beta2 | |
| Simple CMS | =1.2-beta3 | |
| Simple CMS | =1.2-rc1 | |
| Simple CMS | =1.2.1 | |
| Simple CMS | =1.2.2 | |
| Simple CMS | =1.2.3 | |
| Simple CMS | =1.2.4 | |
| Simple CMS | =1.2.5 | |
| Simple CMS | =1.3 | |
| Simple CMS | =1.3-beta1 | |
| Simple CMS | =1.3-beta2 | |
| Simple CMS | =1.3.1 | |
| Simple CMS | =1.4 | |
| Simple CMS | =1.4-beta1 | |
| Simple CMS | =1.4-beta2 | |
| Simple CMS | =1.4.1 | |
| Simple CMS | =1.5 | |
| Simple CMS | =1.5-beta1 | |
| Simple CMS | =1.5.1 | |
| Simple CMS | =1.5.2 | |
| Simple CMS | =1.5.3 | |
| Simple CMS | =1.5.4 | |
| Simple CMS | =1.6 | |
| Simple CMS | =1.6.1 | |
| Simple CMS | =1.6.2 | |
| Simple CMS | =1.6.3 | |
| Simple CMS | =1.6.4 | |
| Simple CMS | =1.6.5 | |
| Simple CMS | =1.6.6 | |
| Simple CMS | =1.6.7 | |
| Simple CMS | =1.6.8 | |
| Simple CMS | =1.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-3882?
CVE-2010-3882 has been classified with a medium severity level due to its potential for exploitation.
How do I fix CVE-2010-3882?
To fix CVE-2010-3882, upgrade to CMS Made Simple version 1.7.2 or later to mitigate the vulnerabilities.
What types of attacks are possible with CVE-2010-3882?
CVE-2010-3882 allows remote attackers to perform cross-site scripting attacks by injecting arbitrary web scripts into affected CMS Made Simple pages.
Which versions of CMS Made Simple are affected by CVE-2010-3882?
CVE-2010-3882 affects CMS Made Simple versions 1.7.1 and earlier.
Can I be vulnerable to CVE-2010-3882 if I am using a patched version of CMS Made Simple?
If you are using a patched version of CMS Made Simple later than 1.7.1, you should not be vulnerable to CVE-2010-3882.
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cmsmadesimple
- canonical/simple cms
- version/simple cms/1.7.1
- version/simple cms/0.10
- version/simple cms/0.10.3
- version/simple cms/0.10.4
- version/simple cms/0.11
- version/simple cms/0.11-beta5
- version/simple cms/0.11-beta6
- version/simple cms/0.11.1
- version/simple cms/0.11.2
- version/simple cms/0.12
- version/simple cms/0.12-beta1
- version/simple cms/0.12-beta2
- version/simple cms/0.12.1
- version/simple cms/0.12.2
- version/simple cms/0.13-beta1
- version/simple cms/0.13-beta2
- version/simple cms/0.13-beta3
- version/simple cms/1.0
- version/simple cms/1.0-beta1
- version/simple cms/1.0-beta2
- version/simple cms/1.0-beta3
- version/simple cms/1.0-beta4
- version/simple cms/1.0-beta5
- version/simple cms/1.0-beta6
- version/simple cms/1.0.1
- version/simple cms/1.0.2
- version/simple cms/1.0.3
- version/simple cms/1.0.4
- version/simple cms/1.0.5
- version/simple cms/1.0.6
- version/simple cms/1.0.7
- version/simple cms/1.0.8
- version/simple cms/1.1
- version/simple cms/1.1-rc1
- version/simple cms/1.1-rc2
- version/simple cms/1.1-rc3
- version/simple cms/1.1.1
- version/simple cms/1.1.2
- version/simple cms/1.1.3.1
- version/simple cms/1.1.4.1
- version/simple cms/1.2
- version/simple cms/1.2-beta1
- version/simple cms/1.2-beta2
- version/simple cms/1.2-beta3
- version/simple cms/1.2-rc1
- version/simple cms/1.2.1
- version/simple cms/1.2.2
- version/simple cms/1.2.3
- version/simple cms/1.2.4
- version/simple cms/1.2.5
- version/simple cms/1.3
- version/simple cms/1.3-beta1
- version/simple cms/1.3-beta2
- version/simple cms/1.3.1
- version/simple cms/1.4
- version/simple cms/1.4-beta1
- version/simple cms/1.4-beta2
- version/simple cms/1.4.1
- version/simple cms/1.5
- version/simple cms/1.5-beta1
- version/simple cms/1.5.1
- version/simple cms/1.5.2
- version/simple cms/1.5.3
- version/simple cms/1.5.4
- version/simple cms/1.6
- version/simple cms/1.6.1
- version/simple cms/1.6.2
- version/simple cms/1.6.3
- version/simple cms/1.6.4
- version/simple cms/1.6.5
- version/simple cms/1.6.6
- version/simple cms/1.6.7
- version/simple cms/1.6.8
- version/simple cms/1.7