CNNVD-202512-4116 Information

CNNVD ID

CNNVD-202512-4116

Related CVE

CVE-2021-47733

• CNNVD Published: 2025-12-23

Description (Chinese)

CMSimple是CMSimple开源的一种自由的内容管理系统。 CMSimple 5.4版本存在跨站脚本漏洞，该漏洞源于输入过滤可被HTML转Unicode编码绕过，可能导致跨站脚本攻击。

Description (English)

CMSimple is a free content management system for the open source of CMSimple. Version 5.4 of CMSimple has a cross-site script loophole, which stems from the fact that input filters can be bypassed by HTML to Unicode codes and may result in cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

CMSimple

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.cmsimple.org/en/ https://www.exploit-db.com/exploits/50612 https://www.vulncheck.com/advisories/cmsimple-cross-site-scripting-via-html-unicode-encoding https://access.redhat.com/security/cve/cve-2021-47733