CVE-2023-4136 – Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine

https://notcve.org/view.php?id=CVE-2023-4136

03 Aug 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27. CrafterCMS versions 4.0.2 and below suffer from multiple cross site scripting vulnerabilities. • https://packetstorm.news/files/id/174304 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •