Vulnerabilities in Craft CMS

Craft CMS

Insufficient Session Expiration in Craft CMS26 Jul, 2024
Medium Patched

Cross-site scripting in Craft CMS09 May, 2024
Low Patched

Server-side template injection in Craft CMS07 Mar, 2024
Medium Patched

Craft CMS update for composer15 Feb, 2024
Low Patched

Privilege escalation in Craft CMS04 Jan, 2024
High Patched

Privilege escalation in Craft CMS04 Jan, 2024
High Patched

Privilege escalation in Craft CMS03 Jan, 2024
Medium Patched

Remote code execution in Craft CMS18 Oct, 2023
High Patched

Remote code execution in Craft CMS14 Sep, 2023
High Patched Public exploit

Security restrictions bypass in Craft CMS21 Aug, 2023
Low Patched

Information disclosure in Craft CMS10 Aug, 2023
Medium Patched

Remote code execution in Craft CMS19 Jul, 2023
High Patched

Remote code execution in Craft CMS04 Jul, 2023
High Patched

Multiple vulnerabilities in Craft CMS29 May, 2023
Low Patched

Stored XSS in Craft CMS26 May, 2023
Low Patched

Stored cross-site scripting in Craft CMS22 May, 2023
Low Patched

Server-side template injection in Craft CMS19 May, 2023
Medium Patched

Stored cross-site scripting in Craft CMS20 Mar, 2023
Low Patched

CSV Injection in Craft CMS05 Oct, 2021
Medium Patched

Cross-site scripting in Craft CMS05 Jul, 2021
Low Patched