Description
In Crafter CMS Crafter Studio 3.0.1, an unauthenticated attacker can inject malicious JavaScript code, resulting in a stored/blind XSS in the admin panel.
Remediation
References
http://crafter.com
https://docs.craftercms.org/en/3.0/security/advisory.html