top of page

Sentence 18

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.

Actual

  • Exploit mechanism: stored cross scripting (XSS)

  • Exploit objective: execute arbitrary web scripts or HTML

  • Attack pathway: authenticated attackers, crafted payload entered into the "Add Category" parameter

Predicted

  • Exploit mechanism: stored cross scripting (XSS)

  • Exploit objective: execute arbitrary web scripts or HTML

  • Attack pathway: authenticated attackers

bottom of page