CVE-2023-51246

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 8, 2024
Updated: Jan 12, 2024
CWE ID 79

Summary

CVE-2023-51246 denotes a Cross Site Scripting (XSS) vulnerability discovered in GetSimple CMS version 3.3.16. This issue arises when using the Source Code Mode while adding articles as a backend user via the /admin/edit.php page. Successful exploitation of this vulnerability allows an attacker to inject malicious scripts into a victim's browser, potentially leading to unauthorized actions or data theft. It is recommended that users of GetSimple CMS 3.3.16 upgrade to a patched version immediately to mitigate the risk of attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share