2 matches found
CVE-2019-17496
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
CVE-2019-17496
Craft CMS prior to 3.3.8 is affected by a stored XSS in the site deletion flow where the name field is mishandled. The issue enables injection through the name field and is limited to Craft CMS versions before 3.3.8; upgrading to 3.3.8 or later is the documented remediation. The CVE description a...