Crafter Cms Security Vulnerabilities and Issues — Crafter Cms CVE List

Lucene search

CraftercmsCrafter Cms

4 matches found

CVE•added 2020/11/27 6:15 p.m.•89 views

CVE-2017-15680

In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data.

6.5CVSS6.5AI score0.00919EPSS

CVE•added 2020/11/27 6:15 p.m.•88 views

CVE-2017-15682

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.

6.1CVSS6AI score0.01409EPSS

CVE•added 2020/11/27 6:15 p.m.•85 views

CVE-2017-15686

Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting (XSS), which allows remote attackers to steal users’ cookies.

6.1CVSS6.1AI score0.00327EPSS

CVE•added 2021/12/02 4:15 p.m.•26 views

CVE-2021-23260

Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.

6.5CVSS5.5AI score0.0079EPSS