XSS Vulnerability in CMSimple 4.7.5 via SVG File Upload
CVE-2018-19508 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI.
Learn more about our User Device Pen Test.