Description Craft CMS before 3.6.13 has an XSS vulnerability. Remediation References CVE-2021-32470 Related Vulnerabilities WordPress Plugin Wp2android-webapp native mobile app builder free (android, IOs, Winphone mobile App) Arbitrary File Upload (1.1.4) WordPress Plugin Advanced Custom Fields (ACF) Information Disclosure (6.0.2) WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727) MySQL CVE-2015-0506 Vulnerability (CVE-2015-0506) WordPress Plugin Easy Property Listings Unspecified Vulnerability (2.0) Severity Medium Classification CVE-2021-32470 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities