CVE-2020-19626

Cross-site Scripting in packagist/craftcms/cms

Identifier

CVE-2020-19626

Package Slug

packagist/craftcms/cms

Vulnerability

Cross-site Scripting

Description

Cross Site Scripting (XSS) vulnerability in craftcms, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new.

Affected Versions

Version 3.1.31

Solution

Upgrade to version 3.1.32 or above.

Last Modified

2021-03-29

source