Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

CMSimple < 2.4 Beta 5 Multiple Remote Input Validation Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to an HTML injection attack.

Description

The remote host is running a version of CMSimple, a content management system. The remote version of this software is prone to multiple input validation vulnerabilities. An attacker may exploit these flaws to inject arbitrary code to steal authentication cookies.

Solution

Upgrade to CMSimple 2.4 Beta 5 or higher.