Tablatronix

#28751 of 53,632
8.8 total CVSS
Vulnerabilities · 1
PT-2017-18108
8.8
2017-04-30
Getsimple · Getsimple Cms · CVE-2017-8081
**Name of the Vulnerable Software and Affected Versions**

GetSimple CMS version 3.3.13

**Description**

The issue concerns poor cryptographic salt initialization, which can be exploited by a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks. This is achieved through the calculation of a session cookie or CSRF nonce in the admin/inc/template_functions.php file.

**Recommendations**

For GetSimple CMS version 3.3.13, update to a newer version that addresses the poor cryptographic salt initialization issue.