First published: Tue Aug 10 2021(Updated: )
GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Get-simple Getsimplecms | =3.3.16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-36601 is medium.
CVE-2021-36601 has a cross-site scripting (XSS) vulnerability.
GetSimpleCMS version 3.3.16 is affected by CVE-2021-36601.
The XSS vulnerability in GetSimpleCMS 3.3.16 can be exploited by not filtering the check settings.php Website URL.
There is no specific fix information available for CVE-2021-36601, it is recommended to update to the latest version of GetSimpleCMS.