Vulnerability Details CVE-2023-33196
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.5%
CVSS Severity
CVSS v3 Score 5.5
References
- https://github.com/craftcms/cms/commit/053d7119697e480ff81c5723bb9a33eaa49e0fc7
- https://github.com/craftcms/cms/releases/tag/4.4.7
- https://github.com/craftcms/cms/security/advisories/GHSA-cjmm-x9x9-m2w5
- https://github.com/craftcms/cms/commit/053d7119697e480ff81c5723bb9a33eaa49e0fc7
- https://github.com/craftcms/cms/releases/tag/4.4.7
- https://github.com/craftcms/cms/security/advisories/GHSA-cjmm-x9x9-m2w5
Products affected by CVE-2023-33196
-
cpe:2.3:a:craftcms:craft_cms:4.0.0
-
cpe:2.3:a:craftcms:craft_cms:4.0.1
-
cpe:2.3:a:craftcms:craft_cms:4.0.2
-
cpe:2.3:a:craftcms:craft_cms:4.0.3
-
cpe:2.3:a:craftcms:craft_cms:4.0.4
-
cpe:2.3:a:craftcms:craft_cms:4.0.5
-
cpe:2.3:a:craftcms:craft_cms:4.0.5.1
-
cpe:2.3:a:craftcms:craft_cms:4.0.5.2
-
cpe:2.3:a:craftcms:craft_cms:4.0.6
-
cpe:2.3:a:craftcms:craft_cms:4.1.0
-
cpe:2.3:a:craftcms:craft_cms:4.1.0.1
-
cpe:2.3:a:craftcms:craft_cms:4.1.0.2
-
cpe:2.3:a:craftcms:craft_cms:4.1.1
-
cpe:2.3:a:craftcms:craft_cms:4.1.2
-
cpe:2.3:a:craftcms:craft_cms:4.1.3
-
cpe:2.3:a:craftcms:craft_cms:4.1.4
-
cpe:2.3:a:craftcms:craft_cms:4.1.4.1
-
cpe:2.3:a:craftcms:craft_cms:4.2.0
-
cpe:2.3:a:craftcms:craft_cms:4.2.0.1
-
cpe:2.3:a:craftcms:craft_cms:4.2.0.2
-
cpe:2.3:a:craftcms:craft_cms:4.2.1
-
cpe:2.3:a:craftcms:craft_cms:4.2.1.1
-
cpe:2.3:a:craftcms:craft_cms:4.2.2
-
cpe:2.3:a:craftcms:craft_cms:4.2.3
-
cpe:2.3:a:craftcms:craft_cms:4.2.4
-
cpe:2.3:a:craftcms:craft_cms:4.2.5
-
cpe:2.3:a:craftcms:craft_cms:4.2.5.1
-
cpe:2.3:a:craftcms:craft_cms:4.2.5.2
-
cpe:2.3:a:craftcms:craft_cms:4.2.6
-
cpe:2.3:a:craftcms:craft_cms:4.2.7
-
cpe:2.3:a:craftcms:craft_cms:4.2.8
-
cpe:2.3:a:craftcms:craft_cms:4.3.0
-
cpe:2.3:a:craftcms:craft_cms:4.3.1
-
cpe:2.3:a:craftcms:craft_cms:4.3.10
-
cpe:2.3:a:craftcms:craft_cms:4.3.11
-
cpe:2.3:a:craftcms:craft_cms:4.3.2
-
cpe:2.3:a:craftcms:craft_cms:4.3.2.1
-
cpe:2.3:a:craftcms:craft_cms:4.3.3
-
cpe:2.3:a:craftcms:craft_cms:4.3.4
-
cpe:2.3:a:craftcms:craft_cms:4.3.5
-
cpe:2.3:a:craftcms:craft_cms:4.3.6
-
cpe:2.3:a:craftcms:craft_cms:4.3.6.1
-
cpe:2.3:a:craftcms:craft_cms:4.3.7
-
cpe:2.3:a:craftcms:craft_cms:4.3.7.1
-
cpe:2.3:a:craftcms:craft_cms:4.3.8
-
cpe:2.3:a:craftcms:craft_cms:4.3.8.1
-
cpe:2.3:a:craftcms:craft_cms:4.3.8.2
-
cpe:2.3:a:craftcms:craft_cms:4.3.9
-
cpe:2.3:a:craftcms:craft_cms:4.4.0
-
cpe:2.3:a:craftcms:craft_cms:4.4.1
-
cpe:2.3:a:craftcms:craft_cms:4.4.2
-
cpe:2.3:a:craftcms:craft_cms:4.4.3
-
cpe:2.3:a:craftcms:craft_cms:4.4.4
-
cpe:2.3:a:craftcms:craft_cms:4.4.5
-
cpe:2.3:a:craftcms:craft_cms:4.4.6
-
cpe:2.3:a:craftcms:craft_cms:4.4.6.1