Security Advisories¶
CV-2020080101¶
Date |
2020.08.01 |
|---|---|
Affected Versions |
3.0 < 3.0.27 |
Vulnerability Type |
RCE |
Risk |
Medium |
Description |
Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting. |
CVE |
TBD |
CV-2020080102¶
Date |
2020.08.01 |
|---|---|
Affected Versions |
3.0 < 3.0.27 |
Vulnerability Type |
RCE |
Risk |
Medium |
Description |
Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects. |
CVE |
TBD |
CV-2018120601¶
Date |
2018.12.06 |
|---|---|
Affected Versions |
3.0 < 3.0.19 |
Vulnerability Type |
RCE |
Risk |
Medium |
Description |
Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via FreeMarker templates. |
CVE |