CVE-2023-36259

CVE-2023-36259

packagist/craftcms/cms

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.

All versions before 3.0.2

Upgrade to version 3.0.2 or above.

2024-02-07