CMSimple < 2.4 Beta 5 Multiple Remote Input Validation Vulnerabilities
Medium Nessus Network Monitor Plugin ID 2544
SynopsisThe remote host is vulnerable to an HTML injection attack.
DescriptionThe remote host is running a version of CMSimple, a content management system. The remote version of this software is prone to multiple input validation vulnerabilities. An attacker may exploit these flaws to inject arbitrary code to steal authentication cookies.
SolutionUpgrade to CMSimple 2.4 Beta 5 or higher.