Description
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion.
Remediation
References
Related Vulnerabilities
WordPress Plugin GiveWP-Donation and Fundraising Platform Information Disclosure (2.20.2)
WordPress 4.0.x PHP Object Injection (4.0 - 4.0.32)
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)
Next.js User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2022-23646)