Vulnerabilites related to CrafterCMS - CrafterCMS
CVE-2023-26020 (GCVE-0-2023-26020)
Vulnerability from cvelistv5
Published
2023-02-17 17:24
Modified
2025-03-12 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Version: 4.0.0 ≤ 4.0.1 Version: 3.1.0 ≤ 3.1.26 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T20:05:35.144543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T20:05:48.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Studio",
"platforms": [
"Linux",
"MacOS",
"Windows",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.26",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gil Correia \u003cgil.correia@devoteam.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.\u003cp\u003eThis issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-17T17:24:45.089Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023021701"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-26020",
"datePublished": "2023-02-17T17:24:45.089Z",
"dateReserved": "2023-02-17T17:01:02.361Z",
"dateUpdated": "2025-03-12T20:05:48.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6384 (GCVE-0-2025-6384)
Vulnerability from cvelistv5
Published
2025-06-19 20:57
Modified
2025-06-23 20:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).
This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Version: 4.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-23T20:22:35.235439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T20:22:46.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"packageName": "Studio",
"platforms": [
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.3.0",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Matei \"Mal\" Badanoiu"
}
],
"datePublic": "2025-06-19T20:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\u003c/p\u003e\u003cp\u003eBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\u003c/p\u003e\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.2.2.\u003c/p\u003e"
}
],
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\n\nBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\n\nThis issue affects CrafterCMS: from 4.0.0 through 4.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-19T20:57:04.714Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/current/security/advisory.html#cv-2025061901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Dynamically-Managed Code Resources in Crafter Studio",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-6384",
"datePublished": "2025-06-19T20:57:04.714Z",
"dateReserved": "2025-06-19T20:45:58.222Z",
"dateUpdated": "2025-06-23T20:22:46.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0502 (GCVE-0-2025-0502)
Vulnerability from cvelistv5
Published
2025-01-15 17:47
Modified
2025-01-15 20:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-402 - Transmission of Private Resources into a New Sphere ('Resource Leak')
Summary
Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Version: 4.0.0 ≤ Version: 4.1.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T20:06:56.483058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T20:07:34.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Linux",
"MacOS",
"x86",
"Windows",
"64 bit",
"ARM"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThan": "4.0.8",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "4.1.6",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Carlos Ortiz, https://github.com/cortiz"
}
],
"datePublic": "2025-01-15T15:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.\u003c/p\u003e"
}
],
"value": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
},
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-402",
"description": "CWE-402: Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T18:00:41.606Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://craftercms.com/docs/current/security/advisory.html#cv-2025011501"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Transmission of Private Resources into a New Sphere in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Block external access to the two APIs:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/tree.json\u003c/tt\u003e\u003c/li\u003e\u003cli\u003e\u003ctt\u003e/api/1/site/content_store/item.json\u003c/tt\u003e\u003c/li\u003e\u003c/ul\u003eAnother approach is to block all APIs that start with \u003ctt\u003e/api/1/site\u003c/tt\u003e; this can be done by changing \u003ctt\u003eserver-config.properties\u003c/tt\u003e\u0026nbsp;to have the property:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e# restrict site API access\u003cbr\u003ecrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$\u003c/tt\u003e"
}
],
"value": "Block external access to the two APIs:\n * /api/1/site/content_store/tree.json\n * /api/1/site/content_store/item.json\n\n\nAnother approach is to block all APIs that start with /api/1/site; this can be done by changing server-config.properties\u00a0to have the property:\n\n# restrict site API access\ncrafter.core.rest.content.store.url.allowedPatterns=^/?site(/.*)?$"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2025-0502",
"datePublished": "2025-01-15T17:47:51.440Z",
"dateReserved": "2025-01-15T17:42:29.348Z",
"dateUpdated": "2025-01-15T20:07:34.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33194 (GCVE-0-2023-33194)
Vulnerability from cvelistv5
Published
2023-05-26 20:30
Modified
2025-01-14 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Summary
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in version 4.4.6.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:35.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33194",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T19:25:03.350854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T19:25:11.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cms",
"vendor": "craftcms",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0.0-RC1, \u003c 4.4.6"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c= 3.8.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn\u2019t fix it when clicking save. This issue was patched in version 4.4.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-26T20:30:23.382Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"name": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"name": "https://github.com/craftcms/cms/releases/tag/4.4.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
}
],
"source": {
"advisory": "GHSA-3wxg-w96j-8hq9",
"discovery": "UNKNOWN"
},
"title": "CraftCMS stored XSS in Quick Post widget error message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-33194",
"datePublished": "2023-05-26T20:30:23.382Z",
"dateReserved": "2023-05-17T22:25:50.699Z",
"dateUpdated": "2025-01-14T19:25:11.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4136 (GCVE-0-2023-4136)
Vulnerability from cvelistv5
Published
2023-08-03 13:33
Modified
2025-02-13 17:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CrafterCMS | CrafterCMS |
Version: 4.0.0 ≤ 4.0.2 Version: 3.1.0 ≤ 3.1.27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T20:31:02.416127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:34:33.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "Engine",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit"
],
"product": "CrafterCMS",
"vendor": "CrafterCMS",
"versions": [
{
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.1.27",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Egidio Romano \u003cegidio.romano@mindedsecurity.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.\u003cp\u003eThis issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T14:06:10.349Z",
"orgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"shortName": "crafter"
},
"references": [
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in Crafter Engine",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eAdd a WAF to inspect and filter these types of attacks\u003c/li\u003e\u003cli\u003eDisable external access to these APIs if not in active use by the rendering application\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* Add a WAF to inspect and filter these types of attacks\n * Disable external access to these APIs if not in active use by the rendering application"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4ff2b028-869f-4b00-a7b2-05997f6f14fd",
"assignerShortName": "crafter",
"cveId": "CVE-2023-4136",
"datePublished": "2023-08-03T13:33:10.409Z",
"dateReserved": "2023-08-03T13:08:38.129Z",
"dateUpdated": "2025-02-13T17:09:02.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-05-26 21:15
Modified
2024-11-21 08:05
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in version 4.4.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftcms | craft_cms | * | |
| craftcms | craft_cms | * | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 | |
| craftercms | craftercms | 4.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFF5C13-E1E0-461B-BD72-CF35DAC6325C",
"versionEndExcluding": "3.8.6",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79995027-0F4D-4586-9F49-D6A56D701E45",
"versionEndExcluding": "4.4.6",
"versionStartIncluding": "4.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "533BCAA2-8264-4394-8C2C-0F50E24060D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "06BBD5BE-B2CD-466A-82E5-A20D4F48F09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4DE692C6-F31D-4EF6-879E-18E9F1701163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:4.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0E057291-3824-48A3-9FB8-EC7060A124E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn\u2019t fix it when clicking save. This issue was patched in version 4.4.6."
}
],
"id": "CVE-2023-33194",
"lastModified": "2024-11-21T08:05:05.833",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-26T21:15:20.890",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/craftcms/cms/commit/9d0cd0bda7c8a830a3373f8c0f06943e519ac888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/craftcms/cms/releases/tag/4.4.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-3wxg-w96j-8hq9"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-03 15:15
Modified
2025-02-13 17:17
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craftercms | craftercms | * | |
| craftercms | craftercms | * | |
| apple | macos | - | |
| apple | macos | - | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| linux | linux_kernel | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - | |
| microsoft | windows | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB2B55E-7AF1-4AF0-9A0E-DDADE04E92D1",
"versionEndIncluding": "3.1.27",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:craftercms:craftercms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF9083D-374D-4334-ADF8-40FC1F3E788F",
"versionEndIncluding": "4.0.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "D09455C4-6123-484B-BC46-C2EB3FE6E7CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "8D9FFE94-BD18-47A2-ADD3-2D41057BAEFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "B685D4BF-96A4-43A5-AED0-212F3FAFCC6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "B9B95293-E81B-43D2-A8FB-D7F16D519C39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "71BFBE5F-56EB-45C9-B558-FC4D7CEA345A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1015B147-4C7F-4E85-9E9F-707CE732498C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:arm:*",
"matchCriteriaId": "4D3B2732-279B-4451-BEA7-C5A6B50BC422",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "82132539-3C34-4B63-BE2A-F51077D8BC5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "60366048-32FE-4081-A852-04319FD7A52C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27."
}
],
"id": "CVE-2023-4136",
"lastModified": "2025-02-13T17:17:15.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "security@craftersoftware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-03T15:15:34.167",
"references": [
{
"source": "security@craftersoftware.com",
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
},
{
"source": "security@craftersoftware.com",
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"source": "security@craftersoftware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2023/Aug/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301"
}
],
"sourceIdentifier": "security@craftersoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@craftersoftware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}