Description
Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.
Remediation
References
Related Vulnerabilities
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2021-20184)
Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-26048)
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-30639)
WordPress Plugin Login Security Solution Multiple Unspecified Vulnerabilities (0.50.0)