CVE-2023-33197

Published May 26th, 2023

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6.

craftcms/cms

Build bespoke content experiences with Craft.

GitHub

3.58K