CVE-2023-33196
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-33196
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-33196.json
- Aliases
- Published
- 2023-05-26T21:15:21Z
- Modified
- 2023-11-29T10:07:34.707371Z
- Details
-
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
- References
Affected packages
Git / github.com/craftcms/cms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/craftcms/cms
- Events
- Type
- GIT
- Repo
- https://github.com/nystudio107/craft-seomatic
- Events
-
Introduced
Affected versions
3.*
3.7.33
3.7.41
3.7.42
3.7.43
3.7.44
3.7.45
3.7.45.1
3.7.45.2
3.7.46
3.7.47
3.7.47.1
3.7.48
3.7.49
3.7.50
3.7.51
3.7.52
3.7.53
3.7.53.1
3.7.54
3.7.55
3.7.55.1
3.7.55.2
3.7.55.3
3.7.56
3.7.57
3.7.58
3.7.59
3.7.60
3.7.61
3.7.62
3.7.63
3.7.63.1
3.7.64
3.7.64.1
3.7.65
3.7.65.1
3.7.65.2
3.7.66
3.7.67
3.7.68
3.8.0
3.8.0-beta.1
3.8.0-beta.2
3.8.0-beta.3
3.8.0-beta.4
3.8.0-beta.5
3.8.0-beta.6
3.8.1
3.8.2
3.8.3
3.8.4
3.8.5
3.8.6
4.*
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.15
4.0.16
4.0.17
4.0.18
4.0.19
4.0.2
4.0.20
4.0.21
4.0.22
4.0.23
4.0.24
4.0.25
4.0.26
4.0.27
4.0.28
4.0.29
4.0.3
4.0.30
4.0.31
4.0.32
4.0.33
4.0.34
4.0.35
4.0.36
4.0.4
4.0.5
4.0.5.1
4.0.5.2
4.0.6
4.0.7
4.0.8
4.0.9
4.1.0
4.1.0.1
4.1.0.2
4.1.1
4.1.2
4.1.3
4.1.4
4.1.4.1
4.2.0
4.2.0.1
4.2.0.2
4.2.1
4.2.1.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.5.1
4.2.5.2
4.2.6
4.2.7
4.2.8
4.3.0
4.3.1
4.3.10
4.3.11
4.3.2
4.3.2.1
4.3.3
4.3.4
4.3.5
4.3.6
4.3.6.1
4.3.7
4.3.7.1
4.3.8
4.3.8.1
4.3.8.2
4.3.9
4.4.0
4.4.0-beta.1
4.4.0-beta.2
4.4.0-beta.3
4.4.0-beta.4
4.4.0-beta.5
4.4.0-beta.6
4.4.0-beta.7
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5
4.4.6
4.4.6.1