CVE-2022-37250

Published: Sep 16, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-37250" target="_blank" rel="noopener"> CVE-2022-37250
GHSA: <a href="https://github.com/advisories/GHSA-8r89-x93x-mjq2" target="_blank" rel="noopener"> GHSA-8r89-x93x-mjq2
Severity: Medium
Exploit:

Craft CMS 4.2.0.1 suffers from Stored Cross Site Scripting (XSS) in /admin/myaccount.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
craftcms / craft_cms	4.2.0.1	4.2.0.1.x
craftcms / cms	4.0.0-RC1	4.2.1