2 matches found
CVE-2023-23927 Craft CMS stored cross-site scripting vulnerability
Craft is a platform for creating digital experiences. When you insert a payload inside a label name or instruction of an entry type, an cross-site scripting XSS happens in the quick post widget on the admin dashboard. This issue has been fixed in version 4.3.7...
CVE-2023-23927
Craft CMS is vulnerable to a stored XSS in the quick post widget on the admin dashboard when a payload is inserted into a label name or an entry type instruction. The issue affects Craft CMS prior to version 4.3.7 and has been fixed in 4.3.7. The CVE entry is supported by multiple connected sourc...