CVE-2017-1000453

Description

CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.

CVSS Version 3.0

nvd

CVE ID: CVE-2017-1000453
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Version 2.0

nvd

CVE ID: CVE-2017-1000453
Base Score: 7.5
Base Severity: HIGH
Vector String:AV:N/AC:L/Au:N/C:P/I:P/A:P

Refrence: NVD