Vulnerabilities > Craftercms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-16 | CVE-2021-23267 | Improper Control of Dynamically-Managed Code Resources vulnerability in Craftercms Crafter CMS Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods. | 9.0 |
| 2020-10-06 | CVE-2020-25803 | Improper Control of Dynamically-Managed Code Resources vulnerability in Craftercms Studio Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. | 9.0 |
| 2020-10-06 | CVE-2020-25802 | Improper Control of Dynamically-Managed Code Resources vulnerability in Craftercms Studio Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. | 9.0 |