Vulnerability Details CVE-2023-38904
A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.0%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2023-38904
-
cpe:2.3:a:decapcms:netlify_cms:2.10.192