Craft CMS 4.2.0.1 is affected by Cross Site Scripting (XSS) in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and in specific on the line label: elementInfo.label.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| craftcms/cms(Packagist) | 4.0.0-RC1 | 4.2.1 | N/A |
| craftcms/cms(Packagist) | 3.7.39 | 3.7.51 | N/A |
CVSS Metrics
