XSS Vulnerability in CMS Made Simple 2.2.10 via moduleinterface.php Name Field
CVE-2019-10017 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.
Learn more about our Web Application Penetration Testing UK.