CVE-2022-37246
packagist/craftcms/cms
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Craft CMS 4.2.0.1 is affected by Cross Site Scripting (XSS) in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and in specific on the line label: elementInfo.label.
Version 4.2.0.1
Upgrade to version 4.2.0.2 or above.
2022-09-23
source |