cbcvebase.
CVE-2012-1992
published 2012-04-11

CVE-2012-1992: Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or…

PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.93%
56.2th percentile
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

Affected

93 ranges· showing 25
VendorProductVersion rangeFixed in
cmsmadesimplecms_made_simple<= 1.10.3
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
cmsmadesimplecms_made_simple
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.