First published: Thu Oct 01 2020(Updated: )
GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Get-simple Getsimple Cms | =3.3.16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-24861.
CVE-2020-24861 has a severity rating of 5.4 (medium).
The affected software is GetSimple CMS version 3.3.16.
CVE-2020-24861 is a persistent cross-site scripting (XSS) vulnerability.
To fix CVE-2020-24861, update GetSimple CMS to a version that has addressed the vulnerability.