Description Craft CMS before 2.6.2974 allows XSS attacks. Remediation References CVE-2017-8052 Related Vulnerabilities phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2002-2346) Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5485) WordPress Plugin WordPress Social Ring (Facebook Like, Google +1, ReTweet, LinkedIn and Pin It) Cross-Site Scripting (1.1.9) Moodle Other Vulnerability (CVE-2010-1616) phpMyAdmin CVE-2016-6618 Vulnerability (CVE-2016-6618) Severity Medium Classification CVE-2017-8052 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities