Lucene search
K

9 matches found

0day.today
0day.today
added 2023/08/24 12:0 a.m.361 views

CrafterCMS 4.0.2 Cross Site Scripting Vulnerability

--------------------------------------------------------------------------- CrafterCMS = 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities --------------------------------------------------------------------------- - Software Link: https://craftercms.org - Affected Versions: Version...

7.4CVSS7.1AI score0.01304EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.331 views

CrafterCMS 4.0.2 Cross Site Scripting

--------------------------------------------------------------------------- CrafterCMS = 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities --------------------------------------------------------------------------- - Software Link: https://craftercms.org - Affected Versions: Version...

7.4CVSS7.1AI score0.01304EPSS
Exploits2
Circl
Circl
added 2023/08/03 6:40 p.m.16 views

CVE-2023-4136

creationtimestamp| type| source ---|---|--- 2023-08-03 18:40:02+00:00| seen| https://t.me/cibsecurity/67683 2025-06-02 16:52:14+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-4136.yaml 2025-06-04 21:02:24+00:00| seen|...

7.4CVSS6.5AI score0.01304EPSS
Exploits2References3
vulnersOsv
vulnersOsv
added 2023/08/03 6:30 p.m.11 views

org.craftercms:crafter-studio (>=4.0.1 <=4.0.2) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=4.0.1 <=4.0.2)

org.craftercms:crafter-engine MAVEN version =4.0.1, =4.0.1, =4.0.2 Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...

7.4CVSS6.7AI score0.01304EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2023/08/03 6:30 p.m.6 views

org.craftercms:crafter-studio (>=4.0.1 <=4.0.2) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=4.0.1 <=4.0.2)

org.craftercms:crafter-engine MAVEN version =4.0.1, =4.0.1, =4.0.2 Source cves: CVE-2023-4136 Source advisory: OSV:GHSA-JFM4-3VV3-FM4V...

7.4CVSS6.7AI score0.01304EPSS
Exploits2
NVD
NVD
added 2023/08/03 3:15 p.m.22 views

CVE-2023-4136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...

7.4CVSS7.4AI score0.01304EPSS
Exploits2References3
OSV
OSV
added 2023/08/03 3:15 p.m.10 views

CVE-2023-4136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...

6.1CVSS6.6AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/03 1:33 p.m.9 views

CVE-2023-4136 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...

7.4CVSS6.8AI score0.01304EPSS
Exploits2References3
CVE
CVE
added 2023/08/03 1:33 p.m.78 views

CVE-2023-4136

CrafterCMS Engine is vulnerable to reflected XSS (CVE-2023-4136). The nuclei template shows exploitation via the transformerName parameter in the /api/1/site/url/transform endpoint, enabling an unauthenticated attacker to inject arbitrary JavaScript in the user context and potentially steal crede...

7.4CVSS6.7AI score0.01304EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder