Sitemagic CMS 2010.04.17 Cross Site Scripting

Sitemagic CMS suffers from a XSS vulnerability when parsing user input to the ‘SMExt’ parameter via GET method in ‘index.php’. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user’s browser session.

Source: Sitemagic CMS 2010.04.17 Cross Site Scripting