Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/, /templates/ and some of the files in /.git/* (non-binary).
CPE | Name | Operator | Version |
---|---|---|---|
craftercms | eq | 3.1.7 | |
craftercms | eq | 3.1.11 | |
craftercms | eq | 3.1.5 | |
craftercms | eq | 3.1.4 | |
craftercms | eq | 3.1.10 | |
craftercms | eq | 3.1.9 | |
craftercms | eq | 3.1.14 | |
craftercms | eq | 3.1.0 | |
craftercms | eq | 3.1.6 | |
craftercms | eq | 3.1.8 |