Craft Cms@4.0.1 Security Vulnerabilities and Issues — Craft Cms@4.0.1 CVE List

Lucene search

CraftcmsCraft Cms4.0.1

2 matches found

CVE•added 2023/05/26 9:15 p.m.•47 views

CVE-2023-33196

Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.

5.5CVSS5.3AI score0.00075EPSS

CVE•added 2023/05/26 9:15 p.m.•43 views

CVE-2023-33194

Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in versio...

4.8CVSS4.4AI score0.00045EPSS