Trusted Design

• 重大度: Unknown
• 公開日: 2017-03-24
• 更新日: 2024-08-05

概要

XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must login to conduct the attack.

このCVEに関連するMITRE ATT&CKテクニック

• T1003.002 - Security Account Manager
• T1542.003 - Bootkit
• T1192 - Spearphishing Link
• T1484.002 - Trust Modification
• T1598.003 - Spearphishing Link
• T1558 - Steal or Forge Kerberos Tickets
• T1518.002 - Backup Software Discovery
• T1525 - Implant Internal Image
• T1179 - Hooking
• T1546.008 - Accessibility Features
• T1586 - Compromise Accounts
• T1218.005 - Mshta
• T1606 - Forge Web Credentials
• T1219.003 - Remote Access Hardware
• T1562.001 - Disable or Modify Tools
• T1486 - Data Encrypted for Impact
• T1213.004 - Customer Relationship Management Software
• T1595.003 - Wordlist Scanning
• T1065 - Uncommonly Used Port
• T1223 - Compiled HTML File
• T1219.002 - Remote Desktop Software
• T1136 - Create Account
• T1018 - Remote System Discovery
• T1538 - Cloud Service Dashboard
• T1055.008 - Ptrace System Calls

このCVEが関連しているPulses

このCVEが関連しているPulsesはありません。

CVEの関係性グラフ

---

← CVE一覧に戻る