CVE-2023-23927
- Reference to the description:
- Description:
- Craft is a platform for creating digital experiences. When you insert a payload inside a label name or instruction of an entry type, an cross-site scripting (XSS) happens in the quick post widget on the admin dashboard. This issue has been fixed in version 4.3.7.
- Last updated date:
- 03/10/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/10/2023
- Reference url to background
https://github.com/craftcms/cms/security/advisories/GHSA-qcrj-6ffc-v7hq
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/10/2023
- Reference url to background