Craft CMS Feed-Me

An issue discovered in Craft CMS version 4.6.1.1 allows remote attackers to cause a denial of service DoS via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected...

Pixel & tonic Craft CMS Injection Vulnerability

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic Inc. in the United States. An injection vulnerability exists in Craft CMS version 4.6.1, which stems from the system's use of an unselected volume of the asset element type to save feeds, and can be exploited by a remot...

PT-2024-12554 · Craft Cms +1 · Craft Cms +1

Name of the Vulnerable Software and Affected Versions: Feed Me plugin version 4.6.1 Craft CMS version 4.6.1 Craft CMS version 4.6.1.1 Description: An issue was discovered that allows remote attackers to cause a denial of service DoS via crafted strings to Feed-Me Name and Feed-Me URL fields, due ...

CVE-2023-36260

CVE-2023-36260 affects the Feed Me plugin (version 4.6.1) on Craft CMS (version 4.6.1). The issue allows remote attackers to cause a Denial of Service by supplying crafted strings to the Feed-Me Name and Feed-Me URL fields when saving a feed via an Asset element with no volume selected. The root ...