2 matches found
CVE-2022-40634
CVE-2022-40634 affects Crafter CMS Crafter Studio. The vulnerability arises from improper control of dynamically-managed code resources, enabling Server-Side Template Injection via FreeMarker (SSTI). Exploitation requires authenticated user credentials and can lead to OS command execution, as des...
CVE-2022-40634 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI...