1 results (0.003 seconds)
CVSS: 7.4EPSS: 0%CPEs: 11EXPL: 0
CVSS: 7.4EPSS: 0%CPEs: 11EXPL: 0CVE-2023-4136 – Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine
https://notcve.org/view.php?id=CVE-2023-4136
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27. CrafterCMS versions 4.0.2 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2023/Aug/30 https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •