craftercms

Top products

The 15 most recently published vulnerabilities affecting craftercms.

• CVE-2025-6384Improper Control of Dynamically-Managed Code Resources in Crafter Studio9.1Jun 19, 2025
• CVE-2025-0502Transmission of Private Resources into a New Sphere in Crafter Engine9.1Jan 15, 2025
• CVE-2023-4136Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine7.4Aug 3, 2023
• CVE-2023-33194CraftCMS stored XSS in Quick Post widget error message3.7May 26, 2023
• CVE-2023-26020Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Crafter Studio5.7Feb 17, 2023
• CVE-2022-40635Improper Control of Dynamically-Managed Code Resources in Crafter Studio6.4Sep 13, 2022
• CVE-2022-40634Improper Control of Dynamically-Managed Code Resources in Crafter Studio6.4Sep 13, 2022
• CVE-2021-23267Improper Control of Dynamically-Managed Code Resources in Crafter Studio7.6May 16, 2022
• CVE-2021-23266Improper Output Neutralization for Logs in Crafter Studio4.3May 16, 2022
• CVE-2021-23265Improper Privilege Management in Crafter Studio3.5May 16, 2022
• CVE-2021-23264Transmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search8.1Dec 2, 2021
• CVE-2021-23263Transmission of Private Resources into a New Sphere ('Resource Leak') in Crafter Engine5.9Dec 2, 2021
• CVE-2021-23262Snakeyaml deserialization vulnerability bypass4.2Dec 2, 2021
• CVE-2021-23261Overriding the system configuration file causes a denial of service4.5Dec 2, 2021
• CVE-2021-23260Stored XSS Vulnerability in File Name of the File Upload function6.5Dec 2, 2021