Craft Cms@* Security Vulnerabilities and Issues — Craft Cms@* CVE List

Lucene search

CraftcmsCraft Cms*

4 matches found

CVE•added 2021/09/30 12:15 a.m.•59 views

CVE-2021-41824

Craft CMS before 3.7.14 allows CSV injection.

8.8CVSS8.8AI score0.0051EPSS

CVE•added 2021/06/30 12:15 p.m.•58 views

CVE-2021-27903

An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes (if an attacker were somehow able to hijack an administrator's session).

9.8CVSS9.6AI score0.03824EPSS

CVE•added 2021/06/30 12:15 p.m.•53 views

CVE-2021-27902

An issue was discovered in Craft CMS before 3.6.0. In some circumstances, a potential XSS vulnerability existed in connection with front-end forms that accepted user uploads.

6.1CVSS5.9AI score0.00419EPSS

CVE•added 2021/05/07 7:31 p.m.•52 views

CVE-2021-32470

Craft CMS before 3.6.13 has an XSS vulnerability.

6.1CVSS5.9AI score0.00328EPSS