CVE-2021-47732

Name of the Vulnerable Software and Affected Versions CMSimple version 5.2

Description CMSimple 5.2 has a stored cross-site scripting issue in the Filebrowser External input field. This allows attackers to inject malicious JavaScript code. When users click on the Page or Files tabs, the injected script executes, enabling persistent script injection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.