CVE-2024-45406 Information

Description

Craft is a content management system (CMS). Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input.

Reference

https://github.com/craftcms/cms/security/advisories/GHSA-28h4-788g-rh42 https://github.com/craftcms/cms/commit/b7348942f8131b3868ec6f46d615baae50151bb8