2 matches found
CVE-2025-68454
creationtimestamp| type| source ---|---|--- 2026-01-12 19:06:39+00:00| published-proof-of-concept| Telegram/4lfrJzyKgz7Xfkmo9hP10nh0kqZGrFrgmtcVT2t75Nf85eU...
CVE-2025-68454
CVE-2025-68454 affects Craft CMS: versions 5.0.0-RC1–5.8.20 and 4.0.0-RC1–4.16.16 are vulnerable to authenticated Remote Code Execution via Twig SSTI. The issue requires administrator access to Craft’s Control Panel with allowAdminChanges enabled (or a non-admin with disabled allowAdminChanges bu...