Описание
CrafterCMS Crafter Studio Improperly Controls Dynamically-Managed Code Resources
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.
Пакеты
Наименование
org.craftercms:crafter-studio
maven
Затронутые версииВерсия исправления
>= 3.1.0, < 3.1.23
3.1.23
Связанные уязвимости
CVSS3: 6.4
nvd
больше 3 лет назад
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.