CVE-2023-2817

CVE-2023-2817

A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively.

Source: CVE-2023-2817

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다