CNNVD-202601-3397 Information
CNNVD ID
CNNVD-202601-3397
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
GetSimple Content Management System是GetSimpleCMS开源的一个内容管理系统。 GetSimple Content Management System存在跨站请求伪造漏洞,该漏洞源于存在跨站请求伪造,可能导致在管理员浏览器中执行任意客户端代码。
Description (English)
GetSimpleContent Management System is a content management system for GetSimpleCMS open source. GetSimpleContent Management System has a cross-site request forgery loophole, which stems from the cross-site request for forgery and may lead to the implementation of any client code in the administrator browser.
Hazard Level
High
Vulnerability Type
跨站请求伪造
Affected Vendor
GetSimpleCMS
Published
2026-01-21
Last Modified
2026-02-24
References
http://get-simple.info https://www.exploit-db.com/exploits/49816 https://www.vulncheck.com/advisories/getsimple-cms-custom-js-csrf-to-xss-to-rce https://github.com/boku7/gsCMS-CustomJS-Csrf2Xss2Rce https://www.exploit-db.com/exploits/49712 https://github.com/GetSimpleCMS/GetSimpleCMS https://access.redhat.com/security/cve/cve-2021-47860
Patch
https://github.com/GetSimpleCMS/GetSimpleCMS/releases
Share on: