RSS   Vulnerabilities for 'Studio'   RSS

2020-10-06
 
CVE-2020-25803

CWE-913
 

 
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.

 
 
CVE-2020-25802

CWE-913
 

 
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.

 

 >>> Vendor: Craftercms 2 Products
Studio
Crafter cms


Copyright 2024, cxsecurity.com

 

Back to Top