Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. NOTE: the original disclosure also reported issues that may not cross privilege boundaries.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-02T17:00:00
Updated: 2024-08-06T10:05:57.906Z
Reserved: 2014-02-24T00:00:00
Link: CVE-2014-2092
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-03-02T17:55:03.067
Modified: 2015-08-13T18:23:50.740
Link: CVE-2014-2092
Redhat
No data.