Headline
GHSA-4m2g-668v-jwjx: Cross site scripting in getkirby/starterkit
A stored cross-site scripting (XSS) vulnerability in Kirby’s Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field.
Cross site scripting in getkirby/starterkit
Moderate severity GitHub Reviewed Published Aug 19, 2022 • Updated Aug 30, 2022
Related news
CVE-2022-35174: Cross Site Scripting (XSS) | OWASP Foundation
A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field.