2010-10-08 23:00:05 2010-10-11 19:42:23

Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Category, (6) Add Field Definition, or (7) Add Shortcut module.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Cisco IOS 12.2 (17d)SXB8 Cisco IOS 12.2 (17d)SXB7 Cisco IOS 12.2 (14)SY1 Cisco IOS 12.2 (14)SY03 Cmsmadesimple Cms made simple 1.6.8 (not an official CPE) Cisco IOS 12.2 (17f) Cmsmadesimple Cms made simple 0.11 Beta5 (not an official CPE) Cisco IOS 12.2 (15)ZJ3 Cisco IOS 12.2 (14)SZ1 Cisco IOS 12.2 (14)ZA2 Cisco IOS 12.2 (14)ZA8 Cisco IOS 12.2 (14)SZ2 Cisco IOS 12.2(15)T9 Cmsmadesimple Cms made simple 1.1 Rc2 (not an official CPE) Cisco IOS 12.2 (15)XR Cisco IOS 12.2(15)T7 Cmsmadesimple Cms made simple 1.2 Rc1 (not an official CPE) Cmsmadesimple Cms made simple 1.1 Rc1 (not an official CPE) Cisco IOS 12.2(15)T8 Cmsmadesimple Cms made simple 0.13 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 0.13 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 0.13 Beta2 (not an official CPE) Cisco IOS 12.2 (15)ZN Cisco IOS 12.2 (15)ZL1 Cisco IOS 12.2 (14)SU2 Cisco IOS 12.2(15)ZJ Cisco IOS 12.2 (15)ZJ1 Cisco IOS 12.2 (14)ZA Cisco IOS 12.2 (14)SZ Cmsmadesimple Cms made simple 1.1 Rc3 (not an official CPE) Cisco IOS 12.2 (17b)SXA Cisco IOS 12.2 (17) Cisco IOS 12.2 (16.5)S Cisco IOS 12.2 (16)B1 Cisco IOS 12.2 (15)ZL Cmsmadesimple Cms made simple 1.0.7 (not an official CPE) Cisco IOS 12.2 (15)YS_1.2(1) Cmsmadesimple Cms made simple 1.0.8 (not an official CPE) Cisco IOS 12.2 (15)T5 Cisco IOS 12.2 (15)XR2 Cisco IOS 12.2 (18)EW2 Cisco IOS 12.2 (15)YS Cisco IOS 12.2 (17d) Cisco IOS 12.2(17d)SX Cisco IOS 12.2 (17d)SXB Cisco IOS 12.2 (17d)SXB10 Cisco IOS 12.2 (16f) Cisco IOS 12.2 (17a)SXA Cisco IOS 12.2 (17)a Cisco IOS 12.2 (16)B Cisco IOS 12.2 (15.1)S Cisco IOS 12.2(17a) Cisco IOS 12.2 (15)ZO Cisco IOS 12.2 (17)ZD3 Cisco IOS 12.2 (18)EW Cmsmadesimple Cms made simple 1.0 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 1.2 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 1.2 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 0.12 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 0.12 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 0.11 Beta6 (not an official CPE) Cmsmadesimple Cms made simple 1.3.1 (not an official CPE) Cmsmadesimple Cms made simple 1.1.4.1 (not an official CPE) Cmsmadesimple Cms made simple 1.5 Beta1 (not an official CPE) Cisco IOS 12.2 (16)BX Cmsmadesimple Cms made simple 1.0 Beta4 (not an official CPE) Cmsmadesimple Cms made simple 1.4 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta5 (not an official CPE) Cmsmadesimple Cms made simple 1.4 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta6 (not an official CPE) Cisco IOS 12.2 (16.1)B Cmsmadesimple Cms made simple 1.2 Beta1 (not an official CPE)