Description
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
Remediation
References
Related Vulnerabilities
WordPress Insecure Default Initialization of Resource Vulnerability (CVE-2017-5491)
EspoCRM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-38843)
WordPress Plugin WP Flash Player Multiple Cross-Site Scripting Vulnerabilities (1.3)
Oracle Database Server CVE-2009-0997 Vulnerability (CVE-2009-0997)