{
  "id": "CVE-2023-36970",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-06T15:15:16.030",
  "lastModified": "2023-07-06T15:16:18.590",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "A Cross-site scripting (XSS) vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload function."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://okankurtulus.com.tr/2023/06/27/cms-made-simple-v2-2-17-stored-cross-site-scripting-xss-authenticated/",
      "source": "cve@mitre.org"
    }
  ]
}