CVE-2023-4136 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in CrafterCMS Engine on Windows MacOS Linux x86 ARM 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2 from 3.1.0 through 3.1.27.

Reference

https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301