QwikSec

Security Database

CVE

CWE

Training

CVE-2020-23839

Published: Sep 1, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1330

x_refsource_MISC

http://packetstormsecurity.com/files/162016/GetSimple-CMS-3.3.16-Cross-Site-Scripting-Shell-Upload.html

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

https://github.com/boku7/CVE-2020-23839

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.