craftcms/cms is vulnerable to cross-site scripting. An attacker is able to introduce XSS payload in the Draft name
, causing reflections of malicious script in a user’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
craftcms/cms | le | 4.2.0.2 | |
craftcms/cms | le | 4.2.0.2 |