Description
Craft CMS before 2.6.2974 allows XSS attacks.
Remediation
References
Related Vulnerabilities
WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.1)
WordPress Plugin Gallery PhotoBlocks Cross-Site Scripting (1.1.50)
WordPress Plugin Integration for Contact Form 7 and Zoho Cross-Site Scripting (1.1.7)
Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844)