CVE-2022-28378
Craft CMS vulnerability (CVE-2022-28378) : The XSS flaw affects Craft CMS versions before 3.7.29. Public sources attribute the issue to the FeedWidget.js input handling, where unfiltered links enable script injection. Impact is cross-site scripting with user interaction sometimes required dependi...