Cms Made Simple · Cms Made Simple · CVE-2006-6844
Name of the Vulnerable Software and Affected Versions:
CMS Made Simple version 1.0.2
Description:
A cross-site scripting (XSS) issue exists in the optional user comment module, allowing remote attackers to inject arbitrary web script or HTML via the user comment form.
Recommendations:
For CMS Made Simple version 1.0.2, update the optional user comment module to a version that fixes this issue or disable the user comment form to prevent exploitation.