Craftcms : Security Vulnerabilities, CVEs, Published In 2019 (XSS)
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion.
Max CVSS
6.1
EPSS Score
0.08%
Published
2019-10-11
Updated
2019-10-15
Craft CMS before 3.1.31 does not properly filter XML feeds and thus allowing XSS.
Max CVSS
6.1
EPSS Score
0.07%
Published
2019-06-18
Updated
2021-10-18
In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI.
Max CVSS
6.1
EPSS Score
0.21%
Published
2019-12-31
Updated
2020-01-09
3 vulnerabilities found