6 matches found
CVE-2025-6384
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384
creationtimestamp| type| source ---|---|--- 2025-06-19 21:44:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18885 2025-06-19 22:31:26+00:00| seen| Telegram/QDVONAJ-zoxa8IF5yGSkPSQU1xz6kI0qfAwwtPOjWAaZ4 2025-06-19 23:43:29+00:00| seen|...
CVE-2025-6384
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384
CrafterCMS Crafter Studio is affected by CVE-2025-6384 (versions 4.0.0–4.2.2). The issue is an Improper Control of Dynamically-Managed Code Resources that allows authenticated developers to bypass the Groovy sandbox, enabling remote code execution (RCE) by injecting malicious Groovy elements. The...