Lucene search
+L

4 matches found

nvd
nvd
added 2023/05/26 5:15 p.m.28 views

CVE-2023-2817

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions = 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively...

5.4CVSS5.1AI score0.00444EPSS
Exploits0References2
cve
cve
added 2023/05/26 12:0 a.m.76 views

CVE-2023-2817

The CVE-2023-2817 issue is a post-authentication stored cross-site scripting vulnerability in Craft CMS versions up to 4.4.11. It allows HTML/script injection in field names, which triggers when those fields are added to a category or section and visited on Categories/Entries pages. Several conne...

5.4CVSS5AI score0.00444EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/05/26 12:0 a.m.34 views

CVE-2023-2817

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions = 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively...

5.3AI score0.00444EPSS
Exploits0References2
osv
osv
added 2023/05/26 12:0 a.m.16 views

CVE-2023-2817

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions = 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively...

5.4CVSS6AI score0.00444EPSS
Exploits0References4
Rows per page
Query Builder