CVE-2023-36260, GHSA-6p78-f7h9-6838
packagist/craftcms/cms
Craft CMS Feed-Me
An issue discovered in Craft CMS version 4.6.1. allows remote attackers to cause a denial of service (DoS) via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected.
All versions before 4.6.1.1
Upgrade to version 4.7.0 or above.
2024-01-31
source |