2012-04-11 12:39:27 2012-11-20 05:44:35

Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Cmsmadesimple Cms made simple 1.10.1 (not an official CPE) Cmsmadesimple Cms made simple 0.11 Beta5 (not an official CPE) Cmsmadesimple Cms made simple 1.1 Rc2 (not an official CPE) Cisco IOS 12.2 (18)EW5 Cisco IOS 12.2 (18)EWA Cmsmadesimple Cms made simple 1.2 Rc1 (not an official CPE) Cmsmadesimple Cms made simple 1.1 Rc1 (not an official CPE) Cisco IOS 12.2 (18)S10 Cisco IOS 12.2(15)ZJ Cisco IOS 12.2 (15)ZJ2 Cisco IOS 12.2 (15)ZJ1 Cmsmadesimple Cms made simple 1.1 Rc3 (not an official CPE) Cisco IOS 12.2 (17b)SXA Cisco IOS 12.2 (17) Cisco IOS 12.2 (15)SL1 Cisco IOS 12.2 (16.5)S Cisco IOS 12.2 (16)B1 Cmsmadesimple Cms made simple 1.0.7 (not an official CPE) Cisco IOS 12.2 (15)ZL Cisco IOS 12.2 (15)BX Cisco IOS 12.2 (15)T Cmsmadesimple Cms made simple 1.0.8 (not an official CPE) Cisco IOS 12.2 (15)YS_1.2(1) Cisco IOS 12.2 (15)XR2 Cisco IOS 12.2 (15)T5 Cisco IOS 12.2 (15)YS Cisco IOS 12.2 (18)EW2 Cisco IOS 12.2 (15)T17 Cisco IOS 12.2 (15)T16 Cisco IOS 12.2 (17d) Cisco IOS 12.2 (15)ZK Cisco IOS 12.2(17d)SX Cisco IOS 12.2 (17d)SXB Cisco IOS 12.2 (17d)SXB10 Cisco IOS 12.2 (15)MC2c Cisco IOS 12.2 (16f) Cisco IOS 12.2 (15)JK5 Cisco IOS 12.2 (15)MC1 Cisco IOS 12.2 (17a)SXA Cisco IOS 12.2 (15)CX Cisco IOS 12.2 (15)CZ3 Cisco IOS 12.2 (15)JK2 Cisco IOS 12.2 (17)a Cisco IOS 12.2 (16)B Cisco IOS 12.2 (18)S Cisco IOS 12.2 (15.1)S Cisco IOS 12.2(17a) Cisco IOS 12.2 (18)EW3 Cisco IOS 12.2 (15)ZO Cisco IOS 12.2 (17)ZD3 Cisco IOS 12.2 (18)EW Cisco IOS 12.2 (18)S9 Cisco IOS 12.2 (15)BC2h Cisco IOS 12.2 (15)B Cisco IOS 12.2 (14.5) Cisco IOS 12.2 (18)S6 Cisco IOS 12.2 (18)S8 Cisco IOS 12.2 (18)SE Cisco IOS 12.2 (18)SO4 Cmsmadesimple Cms made simple 1.1.4.1 (not an official CPE) Cmsmadesimple Cms made simple 1.9.4.3 (not an official CPE) Cisco IOS 12.2 (17d)SXB8 Cisco IOS 12.2 (17d)SXB7 Cisco IOS 12.2 (14)SY Cisco IOS 12.2 (14)SX1 Cisco IOS 12.2 (14)SY1 Cisco IOS 12.2 (14)SY03 Cmsmadesimple Cms made simple 1.6.8 (not an official CPE) Cisco IOS 12.2 (17f) Cisco IOS 12.2 (15)ZJ3 Cisco IOS 12.2 (14)SZ1 Cisco IOS 12.2 (14)ZA2 Cisco IOS 12.2 (14)ZA8 Cisco IOS 12.2 (14)SZ2 Cisco IOS 12.2 (15)MC2e Cisco IOS 12.2(15)T9 Cisco IOS 12.2 (15)T15 Cisco IOS 12.2 (15)XR Cisco IOS 12.2(15)T7 Cisco IOS 12.2(15)T8 Cmsmadesimple Cms made simple 0.13 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 0.13 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 0.13 Beta2 (not an official CPE) Cisco IOS 12.2 (15)ZN Cisco IOS 12.2 (15)ZL1 Cisco IOS 12.2 (14)SU2 Cisco IOS 12.2 (14)ZA Cisco IOS 12.2 (14)SZ Cisco IOS 12.2 (15)BC Cisco IOS 12.2 (14.5)T Cisco IOS 12.2 (14)S15 Cisco IOS 12.2 (15)JK4 Cisco IOS 12.2 (15)BZ Cisco IOS 12.2 (15)BC2i Cisco IOS 12.2 (15)BC2f Cmsmadesimple Cms made simple 1.0 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 1.2 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 1.2 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta3 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 0.12 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 0.12 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 0.11 Beta6 (not an official CPE) Cmsmadesimple Cms made simple 1.3.1 (not an official CPE) Cmsmadesimple Cms made simple 1.5 Beta1 (not an official CPE) Cisco IOS 12.2 (16)BX Cmsmadesimple Cms made simple 1.10.2 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta4 (not an official CPE) Cisco IOS 12.2 (15)BC1 Cmsmadesimple Cms made simple 1.10.3 (not an official CPE) Cmsmadesimple Cms made simple 1.4 Beta1 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta5 (not an official CPE) Cisco IOS 12.2 (15)BC1f Cmsmadesimple Cms made simple 1.4 Beta2 (not an official CPE) Cmsmadesimple Cms made simple 1.0 Beta6 (not an official CPE) Cmsmadesimple Cms made simple 1.10 (not an official CPE) Cmsmadesimple Cms made simple 1.2 Beta1 (not an official CPE) Cisco IOS 12.2 (16.1)B