Vulnerabilities > Getkirby > Starterkit > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-18 | CVE-2022-35174 | Cross-site Scripting vulnerability in Getkirby Starterkit 3.7.0.2 A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field. | 5.4 |