Description
Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Video Comments Webcam Recorder Cross-Site Scripting (1.55)
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)
Java Unspesificed Vulnerability (CVE-2018-3136)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2007-4652)
WordPress Plugin Sliding Social Icons Cross-Site Request Forgery (1.61)