Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in CMSimple Classic 3.54 and previous versions, possibly as downloaded before February 26, 2014, allows remote malicious users to inject arbitrary web script or HTML via the d parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cmsimple cmsimple classic |
Vulmon