Описание
Cross-site Scripting (XSS) in CrafterCMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
Пакеты
Наименование
org.craftercms:crafter-engine
maven
Затронутые версииВерсия исправления
>= 4.0.0, < 4.0.3
4.0.3
Наименование
org.craftercms:crafter-engine
maven
Затронутые версииВерсия исправления
>= 3.1.0, < 3.1.28
3.1.28
Связанные уязвимости
CVSS3: 7.4
nvd
больше 2 лет назад
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.