Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-31144

Published: 09/05/2023 Updated: 16/05/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Craft Cms

Vulnerability Summary

Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

craftcms craft cms

References

CWE-79https://github.com/craftcms/cms/commit/52bd161614620edbab2d24d078ca9ebca2528442https://github.com/craftcms/cms/security/advisories/GHSA-j4mx-98hw-6rv6https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886insecure direct object referenceCVE-2024-34342file inclusionCVE-2024-34562CVE-2024-34347CVE-2024-26026CVE-2024-4647unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook