Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
References
Link | Resource |
---|---|
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: crafter
Published: 2022-09-13T00:00:00
Updated: 2022-09-13T18:25:10
Reserved: 2022-09-13T00:00:00
Link: CVE-2022-40635
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-13T19:15:13.440
Modified: 2022-09-16T02:41:42.877
Link: CVE-2022-40635
JSON object: View
Redhat Information
No data.
CWE