Web Vulnerability Report

Vulnerability Index
ID EDB-ID-49816
CVSS 3.0 N/A
Cloudbric Score
Cloudbric Detection Yes
Vulnerability Type RCE
Published Date 2021-05-03
Updated Date 2021-06-18
Vendor 0.1
Description The Custom JS v0.1 plugin for GetSimple CMS suffers from a Cross-Site Request Forgery (CSRF) attack that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators browsers, which results in Remote Code Execution (RCE) on the hosting server, when an authenticated administrator visits a malicious third party website. # Full Disclosure & MITRE CVE Tracking: github.com/boku7/gsCMS-CustomJS-Csrf2Xss2Rce
Reference N/A
URL Link
Threat Index Table
ID Description Vulnerability Type
Cloudbric Score
Updated Date Detection

To receive weekly updates on new vulnerabilities added to Threat Index

Subscribe Now