Vulnerabilidades en Crafter Software
14 resultadosCVE-2021-23263MEDIUMTransmission of Private Resources into a New Sphere ('Resource Leak') in Crafter EngineEPSS 1.6%CVE-2022-40635MEDIUMImproper Control of Dynamically-Managed Code Resources in Crafter StudioEPSS 1.2%CVE-2022-40634MEDIUMImproper Control of Dynamically-Managed Code Resources in Crafter StudioEPSS 1.2%CVE-2021-23264HIGHTransmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter SearchEPSS 1.1%CVE-2020-25802MEDIUMAuthenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting.EPSS 1.1%CVE-2020-25803MEDIUMAuthenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects.EPSS 1.1%CVE-2021-23267HIGHImproper Control of Dynamically-Managed Code Resources in Crafter StudioEPSS 0.8%CVE-2021-23259MEDIUMGroovy Sandbox BypassEPSS 0.7%CVE-2021-23258MEDIUMSpring SPEL Expression Language InjectionEPSS 0.7%CVE-2021-23261MEDIUMOverriding the system configuration file causes a denial of serviceEPSS 0.6%CVE-2021-23262MEDIUMSnakeyaml deserialization vulnerability bypassEPSS 0.6%CVE-2021-23265LOWImproper Privilege Management in Crafter StudioEPSS 0.5%CVE-2021-23266MEDIUMImproper Output Neutralization for Logs in Crafter StudioEPSS 0.5%CVE-2021-23260MEDIUMStored XSS Vulnerability in File Name of the File Upload functionEPSS 0.4%