Description
Craft is a CMS for creating custom digital experiences on the web. A malformed RSS feed can deliver an XSS payload. This issue was patched in version 4.4.6.
Remediation
References
Related Vulnerabilities
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
WordPress Plugin Appointment Booking Calendar CSV Injection (1.3.34)
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
WordPress Plugin The Events Calendar Open Redirect (4.1.1)
WordPress 4.1.x Arbitrary File Deletion Vulnerability (4.1 - 4.1.23)