=/= GetSimple CMS Multiple Cross-Site Scripting Vulnerabilities =/=
_ 2010-04-23 16:52:08 _

Input appended to the URL after admin/components.php,  admin/resetpassword.php,
admin/settings.php, admin/support.php,  admin/theme-edit.php, and
admin/theme.php  is not properly sanitised  before being returned to the user.
This can be exploited to execute  arbitrary HTML and script code in a user's
browser session in the  context of an affected site.

http://secunia.com/advisories/39464