Craft CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-33197 - Vulnerability Database

Craft CMS

Craft CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-33197

Medium

Reference: CVE-2023-33197

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-33197

Title: Craft CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6.