Lucene search
GoogleOSV:CVE-2021-27903HistoryJun 30, 2021 - 12:15 p.m.
CVE-2021-27903
2021-06-3012:15:07
Google
osv.dev
3
An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes (if an attacker were somehow able to hijack an administrator’s session).
| CPE | Name | Operator | Version |
|---|---|---|---|
| cms | eq | 1.0.0-alpha.2236 | |
| cms | eq | 1.4.0-alpha.2493 | |
| cms | eq | 3.0.0-beta.5 | |
| cms | eq | 3.3.19 | |
| cms | eq | 2.6.2778 | |
| cms | eq | 0.9.2136 | |
| cms | eq | 3.5.13.2 | |
| cms | eq | 3.4.0-RC2 | |
| cms | eq | 3.0.0-beta.7 | |
| cms | eq | 3.2.0-RC2 |
Related
veracode
veracode
Remote Code Execution (RCE)
2021-07-01 09:23:06
cve
cve
CVE-2021-27903
2021-06-30 12:15:07
nvd
nvd
CVE-2021-27903
2021-06-30 12:15:07
osv
osv
Craft CMS Remote Code Injection
2021-07-02 18:36:41
prion
prion
Remote code execution
2021-06-30 12:15:00
cvelist
cvelist
CVE-2021-27903
2021-06-30 11:56:48
github
github
Craft CMS Remote Code Injection
2021-07-02 18:36:41