5 matches found
EUVD-2023-1613
Malicious code in bioql PyPI...
CVE-2023-33195
Craft is a CMS for creating custom digital experiences on the web. A malformed RSS feed can deliver an XSS payload. This issue was patched in version 4.4.6...
Cross site scripting
Craft is a CMS for creating custom digital experiences on the web. A malformed RSS feed can deliver an XSS payload. This issue was patched in version 4.4.6...
GHSA-QPGM-GJGF-8C2X Craft CMS XSS in RSS widget feed
Summary A malformed RSS feed can deliver an XSS payload PoC Create an RSS widget and add the domain https://blog.whitebear.vn/file/rss-xss2.rss The XSS payload will be triggered by the title in tag Resolved in https://github.com/craftcms/cms/commit/b77cb3023bed4f4a37c11294c4d319ff9f598e1f...
Craft CMS XSS in RSS widget feed
Summary A malformed RSS feed can deliver an XSS payload PoC Create an RSS widget and add the domain https://blog.whitebear.vn/file/rss-xss2.rss The XSS payload will be triggered by the title in tag Resolved in https://github.com/craftcms/cms/commit/b77cb3023bed4f4a37c11294c4d319ff9f598e1f...