CVE-2023-36259
CVE-2023-36259 affects Craft CMS Audit Plugin prior to version 3.0.2. The issue arises from improper sanitization in the plugin’s handling of titles, enabling Cross Site Scripting (XSS) that can allow an attacker to inject arbitrary JavaScript during user creation. Several sources corroborate XSS...