CVE-2022-28378Cross-site Scripting in CMS

CWE-79Cross-site Scripting2 documents2 sources
Severity
MEDIUM
No vector
EPSS
0.3%
top 44.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Craftcms CMS
Timeline
PublishedApr 4

Description

Cross-site Scripting in craftcms/cms Craft CMS before 3.7.29 allows cross-site scripting.

Affected Packages1 packages

Packagistcraftcms/cms< 3.7.29

🔴Vulnerability Details

2
GHSA
Cross-site Scripting in craftcms/cms2022-04-04
OSV
Cross-site Scripting in craftcms/cms2022-04-04
CVE-2022-28378 — Cross-site Scripting in Craftcms CMS | cvebase