Search criteria
14 vulnerabilities found for CrafterCMS by CrafterCMS
FKIE_CVE-2025-6384
Vulnerability from fkie_nvd - Published: 2025-06-19 21:15 - Updated: 2025-12-16 16:08
Severity ?
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).
This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftercms | craftercms | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA01CEC4-1775-4C93-B893-ECCD8BFC6294",
"versionEndExcluding": "4.3.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\n\nBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\n\nThis issue affects CrafterCMS: from 4.0.0 through 4.2.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de control inadecuado de recursos de c\u00f3digo gestionados din\u00e1micamente en Crafter Studio de CrafterCMS permite a los desarrolladores autenticados ejecutar comandos del sistema operativo mediante Groovy Sandbox Bypass. Al insertar elementos maliciosos de Groovy, un atacante puede eludir las restricciones de la Sandbox y obtener RCE (ejecuci\u00f3n remota de c\u00f3digo). Este problema afecta a CrafterCMS desde la versi\u00f3n 4.0.0 hasta la 4.2.2."
}
],
"id": "CVE-2025-6384",
"lastModified": "2025-12-16T16:08:02.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@craftersoftware.com",
"type": "Secondary"
}
]
},
"published": "2025-06-19T21:15:27.390",
"references": [
{
"source": "security@craftersoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://docs.craftercms.org/current/security/advisory.html#cv-2025061901"
}
],
"sourceIdentifier": "security@craftersoftware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-913"
}
],
"source": "security@craftersoftware.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0502
Vulnerability from fkie_nvd - Published: 2025-01-15 18:15 - Updated: 2025-12-15 20:57
Severity ?
Summary
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftercms | craftercms | * | |
| craftercms | craftercms | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1376168B-9D16-436C-A524-A636B3D0828D",
"versionEndExcluding": "4.0.8",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D214D37-1C07-45CA-9A91-872F1F26CBC1",
"versionEndExcluding": "4.1.6",
"versionStartIncluding": "4.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6."
},
{
"lang": "es",
"value": " La vulnerabilidad de transmisi\u00f3n de recursos privados a una nueva esfera (\u0027fuga de recursos\u0027) en CrafterCMS Engine en Linux, MacOS, x86, Windows, 64 bit, ARM permite la indexaci\u00f3n de directorios y la exposici\u00f3n de fugas de recursos. Este problema afecta a CrafterCMS: desde la versi\u00f3n 4.0.0 hasta la 4.0.8, desde la versi\u00f3n 4.1.0 hasta la 4.1.6."
}
],
"id": "CVE-2025-0502",
"lastModified": "2025-12-15T20:57:41.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@craftersoftware.com",
"type": "Secondary"
}
]
},
"published": "2025-01-15T18:15:24.650",
"references": [
{
"source": "security@craftersoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501"
}
],
"sourceIdentifier": "security@craftersoftware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-402"
}
],
"source": "security@craftersoftware.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-4136
Vulnerability from fkie_nvd - Published: 2023-08-03 15:15 - Updated: 2025-02-13 17:17
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftercms | craftercms | * | |
| craftercms | craftercms | * | |
| apple | macos | - | |
| apple | macos | - | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| linux | linux_kernel | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - | |
| microsoft | windows | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB2B55E-7AF1-4AF0-9A0E-DDADE04E92D1",
"versionEndIncluding": "3.1.27",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF9083D-374D-4334-ADF8-40FC1F3E788F",
"versionEndIncluding": "4.0.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "D09455C4-6123-484B-BC46-C2EB3FE6E7CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "8D9FFE94-BD18-47A2-ADD3-2D41057BAEFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "B685D4BF-96A4-43A5-AED0-212F3FAFCC6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "B9B95293-E81B-43D2-A8FB-D7F16D519C39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "71BFBE5F-56EB-45C9-B558-FC4D7CEA345A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1015B147-4C7F-4E85-9E9F-707CE732498C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "4D3B2732-279B-4451-BEA7-C5A6B50BC422",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "82132539-3C34-4B63-BE2A-F51077D8BC5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "60366048-32FE-4081-A852-04319FD7A52C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27."
}
],
"id": "CVE-2023-4136",
"lastModified": "2025-02-13T17:17:15.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "security@craftersoftware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-03T15:15:34.167",
"references": [
{
"source": "security@craftersoftware.com",
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
},
{
"source": "security@craftersoftware.com",
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"source": "security@craftersoftware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
}
],
"sourceIdentifier": "security@craftersoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@craftersoftware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-33194
Vulnerability from fkie_nvd - Published: 2023-05-26 21:15 - Updated: 2024-11-21 08:05
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in version 4.4.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftcms | craft_cms | * | |
| craftcms | craft_cms | * | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFF5C13-E1E0-461B-BD72-CF35DAC6325C",
"versionEndExcluding": "3.8.6",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79995027-0F4D-4586-9F49-D6A56D701E45",
"versionEndExcluding": "4.4.6",
"versionStartIncluding": "4.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "533BCAA2-8264-4394-8C2C-0F50E24060D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "06BBD5BE-B2CD-466A-82E5-A20D4F48F09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DE692C6-F31D-4EF6-879E-18E9F1701163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0E057291-3824-48A3-9FB8-EC7060A124E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn\u2019t fix it when clicking save. This issue was patched in version 4.4.6."
}
],
"id": "CVE-2023-33194",
"lastModified": "2024-11-21T08:05:05.833",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-26T21:15:20.890",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-6384 (GCVE-0-2025-6384)
Vulnerability from cvelistv5 – Published: 2025-06-19 20:57 – Updated: 2025-06-23 20:22
VLAI?
Title
Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).
This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
Severity ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , < 4.3.0
(semver)
|
Credits
Matei "Mal" Badanoiu
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T20:22:35.235439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T20:22:46.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"packageName": "Studio",
"platforms": [
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.3.0",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Matei \"Mal\" Badanoiu"
}
],
"datePublic": "2025-06-19T20:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\u003c/p\u003e\u003cp\u003eBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\u003c/p\u003e\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.2.2.\u003c/p\u003e"
}
],
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\n\nBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\n\nThis issue affects CrafterCMS: from 4.0.0 through 4.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-19T20:57:04.714Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/current/security/advisory.html#cv-2025061901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-6384",
"datePublished": "2025-06-19T20:57:04.714Z",
"dateReserved": "2025-06-19T20:45:58.222Z",
"dateUpdated": "2025-06-23T20:22:46.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0502 (GCVE-0-2025-0502)
Vulnerability from cvelistv5 – Published: 2025-01-15 17:47 – Updated: 2025-01-15 20:07
VLAI?
Title
Transmission of Private Resources into a New Sphere in Crafter Engine
Summary
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
Severity ?
CWE
- CWE-402 - Transmission of Private Resources into a New Sphere ('Resource Leak')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , < 4.0.8
(semver)
Affected: 4.1.0 , < 4.1.6 (semver) |
Credits
Carlos Ortiz, https://github.com/cortiz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T20:06:56.483058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T20:07:34.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Linux",
"MacOS",
"x86",
"Windows",
"64 bit",
"ARM"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.0.8",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Carlos Ortiz, https://github.com/cortiz"
}
],
"datePublic": "2025-01-15T15:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.\u003c/p\u003e"
}
],
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
},
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-402",
"description": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T18:00:41.606Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Transmission of Private Resources into a New Sphere in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Block external access to the two APIs:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/tree.json\u003c/tt\u003e\u003c/li\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/item.json\u003c/tt\u003e\u003c/li\u003e\u003c/ul\u003eAnother approach is to block all APIs that start with \u003ctt\u003e/api/1/site\u003c/tt\u003e; this can be done by changing \u003ctt\u003eserver-config.properties\u003c/tt\u003e\u0026nbsp;to have the property:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e# restrict site API access\u003cbr\u003ecrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$\u003c/tt\u003e"
}
],
"value": "Block external access to the two APIs:\n * /api/1/site/content_store/tree.json\n * /api/1/site/content_store/item.json\n\n\nAnother approach is to block all APIs that start with /api/1/site; this can be done by changing server-config.properties\u00a0to have the property:\n\n# restrict site API access\ncrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-0502",
"datePublished": "2025-01-15T17:47:51.440Z",
"dateReserved": "2025-01-15T17:42:29.348Z",
"dateUpdated": "2025-01-15T20:07:34.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4136 (GCVE-0-2023-4136)
Vulnerability from cvelistv5 – Published: 2023-08-03 13:33 – Updated: 2025-02-13 17:09
VLAI?
Title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
Severity ?
7.4 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , ≤ 4.0.2
(semver)
Affected: 3.1.0 , ≤ 3.1.27 (semver) |
Credits
Egidio Romano <egidio.romano@mindedsecurity.com>
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T20:31:02.416127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:34:33.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.27",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Egidio Romano \u003cegidio.romano@mindedsecurity.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T14:06:10.349Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eAdd a WAF to inspect and filter these types of attacks\u003c/li\u003e\u003cli\u003eDisable external access to these APIs if not in active use by the rendering application\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Add a WAF to inspect and filter these types of attacks\n * Disable external access to these APIs if not in active use by the rendering application"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-4136",
"datePublished": "2023-08-03T13:33:10.409Z",
"dateReserved": "2023-08-03T13:08:38.129Z",
"dateUpdated": "2025-02-13T17:09:02.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33194 (GCVE-0-2023-33194)
Vulnerability from cvelistv5 – Published: 2023-05-26 20:30 – Updated: 2025-01-14 19:25
VLAI?
Title
CraftCMS stored XSS in Quick Post widget error message
Summary
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in version 4.4.6.
Severity ?
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33194",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:25:03.350854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:25:11.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "craftcms",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0-RC1, \u003c 4.4.6"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c= 3.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn\u2019t fix it when clicking save. This issue was patched in version 4.4.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-26T20:30:23.382Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"source": {
"advisory": "GHSA-3wxg-w96j-8hq9",
"discovery": "UNKNOWN"
},
"title": "CraftCMS stored XSS in Quick Post widget error message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-33194",
"datePublished": "2023-05-26T20:30:23.382Z",
"dateReserved": "2023-05-17T22:25:50.699Z",
"dateUpdated": "2025-01-14T19:25:11.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26020 (GCVE-0-2023-26020)
Vulnerability from cvelistv5 – Published: 2023-02-17 17:24 – Updated: 2025-03-12 20:05
VLAI?
Title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Crafter Studio
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.
Severity ?
5.7 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , ≤ 4.0.1
(semver)
Affected: 3.1.0 , ≤ 3.1.26 (semver) |
Credits
Gil Correia <gil.correia@devoteam.com>
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T20:05:35.144543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T20:05:48.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Studio",
"platforms": [
"Linux",
"MacOS",
"Windows",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.26",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gil Correia \u003cgil.correia@devoteam.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.\u003cp\u003eThis issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T17:24:45.089Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-26020",
"datePublished": "2023-02-17T17:24:45.089Z",
"dateReserved": "2023-02-17T17:01:02.361Z",
"dateUpdated": "2025-03-12T20:05:48.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6384 (GCVE-0-2025-6384)
Vulnerability from nvd – Published: 2025-06-19 20:57 – Updated: 2025-06-23 20:22
VLAI?
Title
Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).
This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
Severity ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , < 4.3.0
(semver)
|
Credits
Matei "Mal" Badanoiu
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T20:22:35.235439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T20:22:46.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"packageName": "Studio",
"platforms": [
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.3.0",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Matei \"Mal\" Badanoiu"
}
],
"datePublic": "2025-06-19T20:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\u003c/p\u003e\u003cp\u003eBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\u003c/p\u003e\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.2.2.\u003c/p\u003e"
}
],
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\n\nBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\n\nThis issue affects CrafterCMS: from 4.0.0 through 4.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-19T20:57:04.714Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/current/security/advisory.html#cv-2025061901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-6384",
"datePublished": "2025-06-19T20:57:04.714Z",
"dateReserved": "2025-06-19T20:45:58.222Z",
"dateUpdated": "2025-06-23T20:22:46.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0502 (GCVE-0-2025-0502)
Vulnerability from nvd – Published: 2025-01-15 17:47 – Updated: 2025-01-15 20:07
VLAI?
Title
Transmission of Private Resources into a New Sphere in Crafter Engine
Summary
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
Severity ?
CWE
- CWE-402 - Transmission of Private Resources into a New Sphere ('Resource Leak')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , < 4.0.8
(semver)
Affected: 4.1.0 , < 4.1.6 (semver) |
Credits
Carlos Ortiz, https://github.com/cortiz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T20:06:56.483058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T20:07:34.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Linux",
"MacOS",
"x86",
"Windows",
"64 bit",
"ARM"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.0.8",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Carlos Ortiz, https://github.com/cortiz"
}
],
"datePublic": "2025-01-15T15:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.\u003c/p\u003e"
}
],
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
},
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-402",
"description": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T18:00:41.606Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Transmission of Private Resources into a New Sphere in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Block external access to the two APIs:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/tree.json\u003c/tt\u003e\u003c/li\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/item.json\u003c/tt\u003e\u003c/li\u003e\u003c/ul\u003eAnother approach is to block all APIs that start with \u003ctt\u003e/api/1/site\u003c/tt\u003e; this can be done by changing \u003ctt\u003eserver-config.properties\u003c/tt\u003e\u0026nbsp;to have the property:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e# restrict site API access\u003cbr\u003ecrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$\u003c/tt\u003e"
}
],
"value": "Block external access to the two APIs:\n * /api/1/site/content_store/tree.json\n * /api/1/site/content_store/item.json\n\n\nAnother approach is to block all APIs that start with /api/1/site; this can be done by changing server-config.properties\u00a0to have the property:\n\n# restrict site API access\ncrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-0502",
"datePublished": "2025-01-15T17:47:51.440Z",
"dateReserved": "2025-01-15T17:42:29.348Z",
"dateUpdated": "2025-01-15T20:07:34.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4136 (GCVE-0-2023-4136)
Vulnerability from nvd – Published: 2023-08-03 13:33 – Updated: 2025-02-13 17:09
VLAI?
Title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
Severity ?
7.4 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , ≤ 4.0.2
(semver)
Affected: 3.1.0 , ≤ 3.1.27 (semver) |
Credits
Egidio Romano <egidio.romano@mindedsecurity.com>
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T20:31:02.416127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:34:33.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.27",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Egidio Romano \u003cegidio.romano@mindedsecurity.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T14:06:10.349Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eAdd a WAF to inspect and filter these types of attacks\u003c/li\u003e\u003cli\u003eDisable external access to these APIs if not in active use by the rendering application\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Add a WAF to inspect and filter these types of attacks\n * Disable external access to these APIs if not in active use by the rendering application"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-4136",
"datePublished": "2023-08-03T13:33:10.409Z",
"dateReserved": "2023-08-03T13:08:38.129Z",
"dateUpdated": "2025-02-13T17:09:02.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33194 (GCVE-0-2023-33194)
Vulnerability from nvd – Published: 2023-05-26 20:30 – Updated: 2025-01-14 19:25
VLAI?
Title
CraftCMS stored XSS in Quick Post widget error message
Summary
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in version 4.4.6.
Severity ?
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33194",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:25:03.350854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:25:11.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "craftcms",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0-RC1, \u003c 4.4.6"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c= 3.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn\u2019t fix it when clicking save. This issue was patched in version 4.4.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-26T20:30:23.382Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"source": {
"advisory": "GHSA-3wxg-w96j-8hq9",
"discovery": "UNKNOWN"
},
"title": "CraftCMS stored XSS in Quick Post widget error message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-33194",
"datePublished": "2023-05-26T20:30:23.382Z",
"dateReserved": "2023-05-17T22:25:50.699Z",
"dateUpdated": "2025-01-14T19:25:11.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26020 (GCVE-0-2023-26020)
Vulnerability from nvd – Published: 2023-02-17 17:24 – Updated: 2025-03-12 20:05
VLAI?
Title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Crafter Studio
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.
Severity ?
5.7 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Affected:
4.0.0 , ≤ 4.0.1
(semver)
Affected: 3.1.0 , ≤ 3.1.26 (semver) |
Credits
Gil Correia <gil.correia@devoteam.com>
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T20:05:35.144543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T20:05:48.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Studio",
"platforms": [
"Linux",
"MacOS",
"Windows",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.26",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gil Correia \u003cgil.correia@devoteam.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.\u003cp\u003eThis issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T17:24:45.089Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-26020",
"datePublished": "2023-02-17T17:24:45.089Z",
"dateReserved": "2023-02-17T17:01:02.361Z",
"dateUpdated": "2025-03-12T20:05:48.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}