2 matches found
CVE-2023-30177
CraftCMS 3.7.59 is vulnerable Cross Site Scripting XSS. An attacker can inject javascript code into Volume Name...
CVE-2023-30177
CraftCMS 3.7.59 is vulnerable to Cross-Site Scripting (XSS) via the Volume Name. The root cause is an XSS flaw in CraftCMS that allows injected JavaScript. Affected version according to sources: 3.7.59; remediation is to upgrade to 3.7.68 or later (CraftCMS patch) to mitigate. If upgrading is not...