CVE-2019-10105: XSS
First published: Tue Mar 26 2019(Updated: )
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cmsmadesimple Cms Made Simple | =2.2.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-10105.
What is the severity of CVE-2019-10105?
The severity of CVE-2019-10105 is medium with a CVSS score of 5.4.
How can the vulnerability CVE-2019-10105 be exploited?
CVE-2019-10105 can be exploited via the Layout Design Manager "Name" field, which is reachable through a "Create a new Template" action in the Design Manager of CMS Made Simple 2.2.10.
What software version is affected by CVE-2019-10105?
The software version affected by CVE-2019-10105 is CMS Made Simple 2.2.10.
Is there a patch or fix available for CVE-2019-10105?
Yes, a patch or fix for CVE-2019-10105 is available. Please refer to the official CMS Made Simple website or the provided reference link for more information.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cmsmadesimple
- canonical/cmsmadesimple cms made simple
- version/cmsmadesimple cms made simple/2.2.10