Vulnerabilities > Craftercms > Crafter CMS > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-02 CVE-2021-23260 Cross-site Scripting vulnerability in Craftercms Crafter CMS
Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.
network
craftercms CWE-79
3.5