|Date: (C)2016-06-02 (M)2017-12-06|| |
CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.
|CVSS Score: 2.6||Access Vector: NETWORK|
|Exploit Score: 4.9||Access Complexity: HIGH|
|Impact Score: 2.9||Authentication: NONE|
| ||Confidentiality: NONE|
| ||Integrity: PARTIAL|
| ||Availability: NONE|