Crafter Cms Security Vulnerabilities and Issues — Crafter Cms CVE List

Lucene search

CraftercmsCrafter Cms

5 matches found

CVE•added 2022/05/16 5:15 p.m.•67 views

CVE-2021-23266

An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.

4.3CVSS4.5AI score0.00243EPSS

CVE•added 2022/05/16 5:15 p.m.•65 views

CVE-2021-23267

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.

9CVSS8.4AI score0.00462EPSS

CVE•added 2022/05/16 5:15 p.m.•60 views

CVE-2021-23265

A logged-in and authenticated user with a Reviewer Role may lock a content item.

4.3CVSS4.2AI score0.00378EPSS

CVE•added 2022/09/13 7:15 p.m.•46 views

CVE-2022-40634

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.

7.2CVSS6.8AI score0.07844EPSS

CVE•added 2022/09/13 7:15 p.m.•41 views

CVE-2022-40635

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

7.2CVSS6.8AI score0.04157EPSS