Craft Cms@3.0.0 Security Vulnerabilities and Issues — Craft Cms@3.0.0 CVE List

Lucene search

CraftcmsCraft Cms3.0.0

3 matches found

CVE•added 2023/08/23 9:15 p.m.•87 views

CVE-2023-40035

Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable onl...

7.2CVSS7.3AI score0.00496EPSS

CVE•added 2023/05/09 4:15 p.m.•67 views

CVE-2023-31144

Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4.

6.1CVSS5.8AI score0.00455EPSS

CVE•added 2023/05/26 9:15 p.m.•43 views

CVE-2023-33194

Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in versio...

4.8CVSS4.4AI score0.00045EPSS