Vulnerabilities > Craftercms > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-02	CVE-2021-23260	Cross-site Scripting vulnerability in Craftercms Crafter CMS Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site. network craftercms CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.