Page 5 of 21 results (0.012 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI. En la versión 3.1.12 Pro de Craft CMS, se descubrió una vulnerabilidad de tipo XSS en el campo de inserción del encabezado cuando se agrega el código fuente en un URI s/admin/entries/news/new. Craft CMS version 3.1.12 Pro suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/46496 https://packetstormsecurity.com/files/151944/Craft-CMS-3.1.12-Pro-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •