Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-23267: Security Advisories — CrafterCMS 3.1.23 documentation

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.

CVE
#vulnerability#git#rce#auth

CV-2022051603¶

Date

2022.05.16

Affected Versions

3.1 < 3.1.18

Vulnerability Type

CWE-913 Improper Control of Dynamically-Managed Code Resources

Risk

High

Description

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.

CVE

https://www.cve.org/CVERecord?id=CVE-2021-23267

Credit

Kai Zhao (ToTU Security Team), https://github.com/happyhacking-k

CV-2022051602¶

Date

2022.05.16

Affected Versions

3.1 < 3.1.18

Vulnerability Type

CWE-117 Improper Output Neutralization for Logs

Risk

Medium

Description

An anonymous user can craft a URL with text that ends up in the log viewer as is.The text can then include textual messages to mislead the administrator.

CVE

https://www.cve.org/CVERecord?id=CVE-2021-23266

Credit

Faizan Wani, https://github.com/faizanw8

CV-2021120106¶

Date

2021.12.01

Affected Versions

3.1 < 3.1.15

Vulnerability Type

CWE-402: Transmission of Private Resources into a New Sphere (‘Resource Leak’)

Risk

Medium

Description

Transmission of Private Resources into a New Sphere (‘Resource Leak’) in CrafterEngine

CVE

https://www.cve.org/CVERecord?id=CVE-2021-23263

Credit

Carlos Ortiz, https://github.com/cortiz

CV-2021120107¶

Date

2021.12.01

Affected Versions

3.1 < 3.1.15

Vulnerability Type

CWE-402: Transmission of Private Resources into a New Sphere (‘Resource Leak’) CWE-668 Exposure of Resource to Wrong Sphere

Risk

High

Description

Transmission of Private Resources into a New Sphere (‘Resource Leak’) and Exposureof Resource to Wrong Sphere in Crafter Search

CVE

https://www.cve.org/CVERecord?id=CVE-2021-23264

Credit

Sparsh Kulshrestha, https://github.com/sparshkulshrestha

CV-2020080102¶

Date

2020.08.01

Affected Versions

3.0 < 3.0.27
3.1 < 3.1.7

Vulnerability Type

RCE

Risk

Medium

Description

Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects.

CVE

https://www.cve.org/CVERecord?id=CVE-2020-25803

Credit

Alvaro Muñoz (GitHub), https://github.com/pwntester

CV-2017061502¶

Date

2017.06.15

Affected Versions

3.0 < 3.0.1

Vulnerability Type

Directory Traversal

Risk

Critical

Description

A directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.

CVE

https://www.cve.org/CVERecord?id=CVE-2017-15681

Credit

Jasmin Landry, https://github.com/JR0ch17

Related news

CVE-2023-4136: Security Advisories — CrafterCMS 4.0.7 documentation

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.

CVE-2023-26020: Security Advisories — CrafterCMS 4.0.2 documentation

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23266: Security Advisories — CrafterCMS 3.1.23 documentation

An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23265: Security Advisories — CrafterCMS 3.1.23 documentation

A logged-in and authenticated user with a Reviewer Role may lock a content item.

CVE-2021-23263: Security Advisories — CrafterCMS 3.1.25 documentation

Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary).

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907