Description
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
Remediation
References
Related Vulnerabilities
WordPress Plugin Daily Maui Photo Widget Multiple Cross-Site Scripting Vulnerabilities (0.2)
WordPress Plugin WooCommerce Admin Security Bypass (2.6.3)
WordPress Plugin TAuto Poster includes Backdoor [Only if downloaded via the vendor website] (1.4.5)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-18033)