Vulnerability — CVE-2023-36970

CVE-2023-36970

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-36970
Description:: A Cross-site scripting (XSS) vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload function.
Last updated date:: 07/11/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/11/2023
Reference url to background: https://okankurtulus.com.tr/2023/06/27/cms-made-simple-v2-2-17-stored-cross-site-scripting-xss-authenticated/