Craft Cms@4.0.0 Security Vulnerabilities and Issues — Craft Cms@4.0.0 CVE List

Lucene search

CraftcmsCraft Cms4.0.0

2 matches found

CVE•added 2023/08/23 9:15 p.m.•80 views

CVE-2023-40035

Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable onl...

7.2CVSS7.3AI score0.00379EPSS

CVE•added 2023/05/26 9:15 p.m.•45 views

CVE-2023-33196

Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.

5.5CVSS5.3AI score0.00075EPSS