Vulnerabilities > Craftcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-45406 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
low complexity
craftcms CWE-79
4.8
2024-01-30 CVE-2023-36259 Cross-site Scripting vulnerability in Craftcms Craft CMS
Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.
network
low complexity
craftcms CWE-79
5.4
2023-06-20 CVE-2023-33495 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft CMS through 4.4.9 is vulnerable to HTML Injection.
network
low complexity
craftcms CWE-79
6.1
2023-05-27 CVE-2023-33195 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft is a CMS for creating custom digital experiences on the web.
network
low complexity
craftcms CWE-79
6.1
2023-05-26 CVE-2023-33194 Cross-site Scripting vulnerability in multiple products
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload.
network
low complexity
craftcms craftercms CWE-79
4.8
2023-05-26 CVE-2023-33196 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft is a CMS for creating custom digital experiences.
network
low complexity
craftcms CWE-79
5.4
2023-05-26 CVE-2023-33197 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft is a CMS for creating custom digital experiences on the web.
network
low complexity
craftcms CWE-79
5.4
2023-05-26 CVE-2023-2817 Cross-site Scripting vulnerability in Craftcms Craft CMS
A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11.
network
low complexity
craftcms CWE-79
5.4
2023-05-09 CVE-2023-31144 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft CMS is a content management system.
network
low complexity
craftcms CWE-79
6.1
2023-04-25 CVE-2023-30177 Cross-site Scripting vulnerability in Craftcms Craft CMS 3.7.59
CraftCMS 3.7.59 is vulnerable Cross Site Scripting (XSS).
network
low complexity
craftcms CWE-79
6.1