Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Crafter Software — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Crafter Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Crafter Software:Crafter CMS
CVE IDTitleCVSSSeverityPaused
CVE-2022-40635 Improper Control of Dynamically-Managed Code Resources in Crafter Studio — Crafter CMSCWE-913 6.4 Medium2022-09-13
CVE-2022-40634 Improper Control of Dynamically-Managed Code Resources in Crafter Studio — Crafter CMSCWE-913 6.4 Medium2022-09-13
CVE-2021-23267 Improper Control of Dynamically-Managed Code Resources in Crafter Studio — Crafter CMSCWE-913 7.6 High2022-05-16
CVE-2021-23266 Improper Output Neutralization for Logs in Crafter Studio — Crafter CMSCWE-117 4.3 Medium2022-05-16
CVE-2021-23265 Improper Privilege Management in Crafter Studio — Crafter CMSCWE-269 3.5 Low2022-05-16
CVE-2021-23264 Transmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search — Crafter CMSCWE-402 8.1 High2021-12-02
CVE-2021-23262 Snakeyaml deserialization vulnerability bypass — Crafter CMSCWE-913 4.2 Medium2021-12-02
CVE-2021-23263 Transmission of Private Resources into a New Sphere ('Resource Leak') in Crafter Engine — Crafter CMSCWE-402 5.9 Medium2021-12-02
CVE-2021-23261 Overriding the system configuration file causes a denial of service — Crafter CMSCWE-703 4.5 Medium2021-12-02
CVE-2021-23259 Groovy Sandbox Bypass — Crafter CMSCWE-913 4.2 Medium2021-12-02
CVE-2021-23260 Stored XSS Vulnerability in File Name of the File Upload function — Crafter CMSCWE-79 6.5 Medium2021-12-02
CVE-2021-23258 Spring SPEL Expression Language Injection — Crafter CMSCWE-913 4.2 Medium2021-12-02
CVE-2020-25803 Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects. — Crafter CMSCWE-913 4.2 Medium2020-10-06
CVE-2020-25802 Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting. — Crafter CMSCWE-913 4.2 Medium2020-10-06

This page lists every published CVE security advisory associated with Crafter Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.