Description
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
Remediation
References
https://docs.craftercms.org/en/3.0/security/advisory.html
http://crafter.com
Related Vulnerabilities
CVE-2017-4960 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-server
CVE-2021-3856 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2020-2199 Vulnerability in maven package org.jenkins-ci.plugins:subversion
CVE-2017-8045 Vulnerability in maven package org.springframework.amqp:spring-amqp