3.0.40

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-25	CVE-2024-37843	SQL Injection vulnerability in Craftcms Craft CMS Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. network low complexity craftcms CWE-89 critical	9.8
2024-01-30	CVE-2023-36260	Injection vulnerability in Craftcms Craft CMS An issue was discovered in the Feed Me plugin 4.6.1 for Craft CMS. network low complexity craftcms CWE-74	7.5
2024-01-03	CVE-2024-21622	Unspecified vulnerability in Craftcms Craft CMS Craft is a content management system. network low complexity craftcms	8.8
2023-08-23	CVE-2023-40035	Unspecified vulnerability in Craftcms Craft CMS Craft is a CMS for creating custom digital experiences on the web and beyond. network low complexity craftcms	7.2
2023-06-20	CVE-2023-33495	Cross-site Scripting vulnerability in Craftcms Craft CMS Craft CMS through 4.4.9 is vulnerable to HTML Injection. network low complexity craftcms CWE-79	6.1
2023-05-26	CVE-2023-33194	Cross-site Scripting vulnerability in multiple products Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. network low complexity craftcms craftercms CWE-79	4.8
2023-05-26	CVE-2023-33197	Cross-site Scripting vulnerability in Craftcms Craft CMS Craft is a CMS for creating custom digital experiences on the web. network low complexity craftcms CWE-79	5.4
2023-05-26	CVE-2023-2817	Cross-site Scripting vulnerability in Craftcms Craft CMS A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. network low complexity craftcms CWE-79	5.4
2023-05-09	CVE-2023-31144	Unspecified vulnerability in Craftcms Craft CMS Craft CMS is a content management system. network low complexity craftcms	6.1
2023-03-03	CVE-2023-23927	Unspecified vulnerability in Craftcms Craft CMS Craft is a platform for creating digital experiences. network low complexity craftcms	5.4