top of page
Sentence 8
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
Actual
Tags:
-
Exploit mechanism: cross scripting (XSS)
-
Exploit objective: execute arbitrary web scripts
-
Attack pathway: crafted payload, authenticated attackers
Predicted
Tags:
-
Exploit mechanism: stored cross scripting (XSS)
-
Exploit objective: execute arbitrary web scripts or HTML
-
Attack pathway: authenticated attackers
bottom of page