Arbitrary Script Injection in CMS Made Simple (CMSMS) 1.11.9

Arbitrary Script Injection in CMS Made Simple (CMSMS) 1.11.9

CVE-2013-3929 · LOW Severity

AV:N/AC:H/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter.

Learn more about our Web App Pen Testing.