CVE-2022-37247
packagist/craftcms/cms
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.
Version 4.2.0.1
Upgrade to version 4.2.0.2 or above.
2022-09-22
source |