CNNVD-202512-4119 Information

CNNVD ID

CNNVD-202512-4119

Related CVE

CVE-2021-47732

• CNNVD Published: 2025-12-23

Description (Chinese)

CMSimple是CMSimple开源的一种自由的内容管理系统。 CMSimple 5.2版本存在跨站脚本漏洞，该漏洞源于Filebrowser External输入字段过滤不足，可能导致存储型跨站脚本攻击。

Description (English)

CMSimple is a free content management system for the open source of CMSimple. Version 5.2 of CMSimple has a cross-site script loophole, which stems from inadequate filtering of Filebrowser Express input fields, which may result in a storage-type cross-site script attack.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

CMSimple

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/49751 https://www.vulncheck.com/advisories/cmsimple-stored-cross-site-scripting-via-filebrowser-external-input https://www.cmsimple.org/en/ https://access.redhat.com/security/cve/cve-2021-47732