CVE-2022-35174
The CVE-2022-35174 entry covers a stored XSS in Kirby’s Starterkit v3.7.0.2, where an attacker can inject a crafted payload into the Tags field to execute arbitrary web scripts/HTML. The vulnerability affects Kirby Starterkit’s Tags handling, with a CVSS v3.1 base score of 5.4 (Medium) and all us...