Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts.
References
Link | Resource |
---|---|
http://craft.com | Not Applicable |
https://labs.integrity.pt/advisories/cve-2022-37251/ | Third Party Advisory |
Configurations
History
21 Sep 2022, 15:37
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:craftcms:craft_cms:4.2.0.1:*:*:*:*:*:*:* | |
CWE | CWE-79 | |
References | (MISC) http://craft.com - Not Applicable | |
References | (MISC) https://labs.integrity.pt/advisories/cve-2022-37251/ - Third Party Advisory | |
First Time |
Craftcms
Craftcms craft Cms |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
16 Sep 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-16 22:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-37251
Mitre link : CVE-2022-37251
CVE.ORG link : CVE-2022-37251
JSON object : View
Products Affected
craftcms
- craft_cms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')