Craft CMS stored XSS in indexedVolumes
CVE-2023-33197
5.4MEDIUM
What is CVE-2023-33197?
Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6.
Affected Version(s)
cms >= 4.0.0-RC1, <= 4.4.5