Craft CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-31144
Reference:
CVE-2023-31144
Title:
Craft CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4 a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.