Cross Site Scripting (XSS) Vulnerability in Craft CMS 4.4.6 and Earlier

Cross Site Scripting (XSS) Vulnerability in Craft CMS 4.4.6 and Earlier

CVE-2023-33196 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.

Learn more about our Cms Pen Testing.