CNNVD-202506-2605 Information
Jun 19, 2025
cve
CNNVD ID
CNNVD-202506-2605
Related CVE
- CNNVD Published: 2025-06-19
Description (Chinese)
CrafterCMS是CrafterCMS公司的一个基于 Java 的 CMS。 CrafterCMS 4.0.0至4.2.2版本存在安全漏洞,该漏洞源于Groovy沙箱绕过导致认证开发者可以执行OS命令。
Description (English)
CrafterCMS is a Java-based CMS of CrafterCMS. There is a security loophole in CrafterCMS versions 4.0.0 to 4.2.2, which originates from the Groovy sandbox bypassing, which allows the authentication developer to execute the OS order.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
CrafterCMS
Published
2025-06-19
Last Modified
2026-02-24
References
https://docs.craftercms.org/current/security/advisory.html#cv-2025061901
Patch
https://craftercms.com/docs/current/security/advisory.html#cv-2025061901
Share on: