Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the (1) file parameter in a load action to zimplit.php and (2) client parameter to English_manual_version_2.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zimplit zimplit cms |