2 matches found
CVE-2025-68436
creationtimestamp| type| source ---|---|--- 2026-01-24 22:43:02+00:00| seen| https://gist.github.com/alon710/551e19221453d3e1c7b86196d2bc895f...
CVE-2025-68436
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, authenticated users on a Craft installation could potentially expose sensitive assets via their user profile photo via maliciously crafted requests. Users should update to the...