Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A reflected XSS vulnerability exists in CMSimple_XH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML (navigation links, breadcrumbs, search form action, footer links). An attacker-controlled string placed in the URL path is reflected into multiple HTML elements, allowing execution of arbitrary JavaScript in victims' browsers visiting a crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CMSimple_XH 安全漏洞
Vulnerability Description
CMSimple_XH是CMSimple_XH开源的一个快速、小型、易于使用且易于安装的模块化内容管理系统(CMS)。 CMSimple_XH 1.8版本存在安全漏洞,该漏洞源于未对攻击者控制的路径段进行清理或编码,可能导致反射型跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A