The remote host is vulnerable to an HTML injection attack.
The remote host is running a version of CMSimple, a content management system. The remote version of this software is prone to multiple input validation vulnerabilities. An attacker may exploit these flaws to inject arbitrary code to steal authentication cookies.
Upgrade to CMSimple 2.4 Beta 5 or higher.