Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2023-33196

Description

Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.

POC

Reference

- https://github.com/craftcms/cms/security/advisories/GHSA-cjmm-x9x9-m2w5

Github

No PoCs found on GitHub currently.