CVE-2012-6621

N/A Unknown
Published: January 16, 2014 Modified: April 29, 2026
View on NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://packetstormsecurity.com/files/124711
Source: cve@mitre.org
http://packetstormsecurity.org/files/112643/GetSimple-CMS-3.1-Cross-Site-Scripting.html
Source: cve@mitre.org
http://secunia.com/advisories/49137
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/53501
Source: cve@mitre.org
http://www.vulnerability-lab.com/get_content.php?id=521
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/75534
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/75535
Source: cve@mitre.org
http://packetstormsecurity.com/files/124711
Source: af854a3a-2127-422b-91ae-364da2661108
http://packetstormsecurity.org/files/112643/GetSimple-CMS-3.1-Cross-Site-Scripting.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49137
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/53501
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vulnerability-lab.com/get_content.php?id=521
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/75534
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/75535
Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.5%
65th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

get-simple

Related CVEs

CVE-2026-41971 5.5
CVE-2026-41970 6.8
CVE-2026-41969 6.2
CVE-2026-41968 5.9
CVE-2026-41967 5.9