Количество 2
Количество 2
CVE-2023-2817
A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively.
GHSA-7x94-jx75-3gh6
Stored cross site scripting in Craft CMS
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-2817 A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively. | CVSS3: 5.4 | 0% Низкий | больше 2 лет назад |
| GHSA-7x94-jx75-3gh6 Stored cross site scripting in Craft CMS | CVSS3: 5.4 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу