XSS Vulnerability in CMS Made Simple 2.2.10 via 'moduleinterface.php' Name Field
CVE-2019-10106 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section.
Learn more about our Web Application Penetration Testing UK.