WEB APPLICATION VULNERABILITIES Standard & Premium

Craft CMS CVE-2017-8383 Vulnerability (CVE-2017-8383)

Description

Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.

Remediation

References

Related Vulnerabilities

WordPress Plugin WooCommerce Address Book Cross-Site Request Forgery (1.5.6)

WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.5)

WordPress Plugin BuddyPress Extended Friendship Request Cross-Site Scripting (1.0.1)

WordPress Plugin Unlimited Pop-Ups Multiple Cross-Site Scripting Vulnerabilities (1.4.3)

OpenSSL Cryptographic Issues Vulnerability (CVE-2010-0742)

Severity

Medium

Classification

CVE-2017-8383 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities