6 matches found
CVE-2023-4136
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...
CVE-2025-0502
Transmission of Private Resources into a New Sphere 'Resource Leak' vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6...
CVE-2025-0502
The CVE-2025-0502 entry concerns CrafterCMS Engine with a Resource Leak vulnerability that enables directory indexing and exposure of private resources. Affected versions are CrafterCMS 4.0.0–4.0.7 and 4.1.0–4.1.5 on Linux, macOS, Windows (x86/64-bit, ARM). Root cause is a Resource Leak that perm...
org.craftercms:crafter-studio (>=4.0.1 <=4.0.2) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=4.0.1 <=4.0.2)
org.craftercms:crafter-engine MAVEN version =4.0.1, =4.0.1, =4.0.2 Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...
org.craftercms:crafter-studio (>=3.0.0 <=3.1.27E) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=3.0.0 <=3.1.27E)
org.craftercms:crafter-engine MAVEN version =3.0.0, =3.0.0, =3.1.27E Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...
org.craftercms:crafter-deployer (=3.0.0), org.craftercms:crafter-engine (=3.0.0) +1 more potentially affected by CVE-2017-15683 via org.craftercms:crafter-core (=3.0.0)
org.craftercms:crafter-core MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.craftercms:crafter-core and may be impacted: - org.craftercms:crafter-deployer =3.0.0 - org.craftercms:crafter-engine =3.0.0 -...