Lucene search
K

6 matches found

CVE
CVE
added 2023/05/26 8:22 p.m.57 views

CVE-2023-33196

CVE-2023-33196 corresponds to a stored XSS vulnerability in Craft CMS triggered via review volumes during asset indexing. Public descriptions consistently state that the issue was fixed in version 4.4.7. The root cause revolves around insufficient sanitization of data in the review/asset-indexing...

5.5CVSS5.3AI score0.00653EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/05/26 8:22 p.m.28 views

CVE-2023-33196 Craft CMS stored XSS in review volume

Craft is a CMS for creating custom digital experiences. Cross site scripting XSS can be triggered by review volumes. This issue has been fixed in version 4.4.7...

5.5CVSS5.6AI score0.00653EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/05/26 8:22 p.m.8 views

CVE-2023-33196 Craft CMS stored XSS in review volume

Craft is a CMS for creating custom digital experiences. Cross site scripting XSS can be triggered by review volumes. This issue has been fixed in version 4.4.7...

5.5CVSS5.4AI score0.00653EPSS
Exploits1References3
OSV
OSV
added 2023/05/26 8:22 p.m.18 views

CVE-2023-33196 Craft CMS stored XSS in review volume

Craft is a CMS for creating custom digital experiences. Cross site scripting XSS can be triggered by review volumes. This issue has been fixed in version 4.4.7...

5.5CVSS5.1AI score0.00653EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2023/05/26 1:55 p.m.24 views

Craft CMS stored XSS in review volume

Summary XSS can be triggered by review volumes PoC 1. Access setting tab 2. Create new assets 3. In assets name inject payload: "alert1337 4. Click Utilities tab 5. Choose all volumes, or volume trigger xss 6. Click Update asset indexes. 7. Wait to assets update success. 8. Progress complete. 9...

5.5CVSS6.8AI score0.00653EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.4 views

Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic, Inc. A security vulnerability exists in Craft CMS, which stems from a cross-site scripting vulnerability that can be triggered by review volumes...

5.5CVSS5.3AI score0.00653EPSS
Exploits1References4
Rows per page
Query Builder