Craft CMS stored XSS in review volume
CVE-2023-33196
5.4MEDIUM
What is CVE-2023-33196?
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
Affected Version(s)
cms >= 4.0.0-RC1, <= 4.4.6