CVE-2017-6556

Published: 2017-03-09T09:59Z

Last Modified: 2024-11-21T03:30Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt