CVE-2022-37247

Description

Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.

Related CPE's

acraftcmscraft_cms4.2.0.1*******

References

https://github.com/craftcms/cms/commit/cedeba0609e4b173cd584dae7f33c5f713f19627

PatchThird Party Advisory

https://labs.integrity.pt/advisories/cve-2022-37247/

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io