Lucene search
PRIOn knowledge basePRION:CVE-2024-21622HistoryJan 03, 2024 - 5:15 p.m.
Privilege escalation
2024-01-0317:15:00
PRIOn knowledge base
www.prio-n.com
3
craft
content management system
privilege escalation
vulnerability
version 3.x
version 4.x
user permissions
Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.
References
github.com/craftcms/cms/blob/develop/CHANGELOG.md
github.com/craftcms/cms/blob/v3/CHANGELOG.md
github.com/craftcms/cms/commit/76caf9af07d9964be0fd362772223be6a5f5b6aa
github.com/craftcms/cms/commit/be81eb653d633833f2ab22510794abb6bb9c0843
github.com/craftcms/cms/pull/13931
github.com/craftcms/cms/pull/13932
github.com/craftcms/cms/security/advisories/GHSA-j5g9-j7r4-6qvx
Related
cvelist
cvelist
CVE-2024-21622 Craft CMS Privilege Escalation
2024-01-03 16:51:25
osv
osv
Craft CMS Privilege Escalation
2024-01-03 21:50:26
CVE-2024-21622
2024-01-03 17:15:12
github
github
Craft CMS Privilege Escalation
2024-01-03 21:50:26
nvd
nvd
CVE-2024-21622
2024-01-03 17:15:12
veracode
veracode
Privilege Escalation
2024-01-04 07:57:46
cve
cve
CVE-2024-21622
2024-01-03 17:15:12