2 matches found
CVE-2022-37246
CVE-2022-37246 affects Craft CMS 4.2.0.1. The Cross-Site Scripting vulnerability exists in BaseElementSelectInput.js (src/web/assets/cp/src/js/BaseElementSelectInput.js), specifically on the line constructing elementInfo.label, due to insufficient sanitization. This can allow injected JavaScript ...
CVE-2022-37246
Craft CMS 4.2.0.1 is affected by Cross Site Scripting XSS in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and in specific on the line label: elementInfo.label...