Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Craft is a CMS for creating custom digital experiences on the web. Cross-site scripting (XSS) can be triggered via the Update Asset Index utility. This issue has been patched in version 4.4.6.
All versions before 4.4.6
Upgrade to version 4.4.6 or above.