kilooooo/cms

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-27558 ↗	Mar 1, 2024Friday, 1 March 2024, 17:15	6.1 MEDIUM	—
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting (XSS) within the blog title of the settings.
CVE-2024-27559 ↗	Mar 1, 2024Friday, 1 March 2024, 17:15	6.3 MEDIUM	—
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /save_settings.php