Web Vulnerability Report
ID | EDB-ID-49816 |
CVSS 3.0 | N/A |
Cloudbric Score
?
|
Low |
Cloudbric Detection | Yes |
Vulnerability Type | RCE |
Published Date | 2021-05-03 |
Updated Date | 2021-06-18 |
Vendor | 0.1 |
Description | The Custom JS v0.1 plugin for GetSimple CMS suffers from a Cross-Site Request Forgery (CSRF) attack that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators browsers, which results in Remote Code Execution (RCE) on the hosting server, when an authenticated administrator visits a malicious third party website. # Full Disclosure & MITRE CVE Tracking: github.com/boku7/gsCMS-CustomJS-Csrf2Xss2Rce |
Reference | N/A |
URL Link | https://www.exploit-db.com/exploits/49816/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now