CVE-2020-23839

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
2
PROJECTS

Description

A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.

GetSimpleCMS/GetSimpleCMS
GetSimpleCMS/GetSimpleCMS
GetSimple CMS
GitHubGitHub
418
boku7/CVE-2020-23839
boku7/CVE-2020-23839
Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login Portal
GitHubGitHub
11