CVE-2023-31144
CVSS V2 None
CVSS V3 None
Description
Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.
Overview
- CVE ID
- CVE-2023-31144
- Assigner
- security-advisories@github.com
- Vulnerability Status
- Received
- Published Version
- 2023-05-09T16:15:14
- Last Modified Date
- 2023-05-09T16:15:14
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-31144 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31144 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-05-09 17:01:44 | Added to TrackCVE | |||
2023-05-09 17:01:50 | Weakness Enumeration | new |