Web Vulnerability Report
| ID | EDB-ID-49816 |
| CVSS 3.0 | N/A |
|
Cloudbric Score
?
|
Low |
| Cloudbric Detection | Yes |
| Vulnerability Type | RCE |
| Published Date | 2021-05-03 |
| Updated Date | 2021-06-18 |
| Vendor | 0.1 |
| Description | The Custom JS v0.1 plugin for GetSimple CMS suffers from a Cross-Site Request Forgery (CSRF) attack that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators browsers, which results in Remote Code Execution (RCE) on the hosting server, when an authenticated administrator visits a malicious third party website. # Full Disclosure & MITRE CVE Tracking: github.com/boku7/gsCMS-CustomJS-Csrf2Xss2Rce |
| Reference | N/A |
| URL Link | https://www.exploit-db.com/exploits/49816/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
| ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
|---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now