CrafterCMS Engine 漏洞列表

共找到 1 个与 CrafterCMS Engine 相关的漏洞

📅 加载漏洞趋势中...

CVE-2023-4136: CrafterCMS Engine - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: CrafterCMS Engine

CrafterCMS Engine is vulnerable to reflected cross-site scripting (XSS) via the transformerName parameter in the /api/1/site/url/transform endpoint, allowing attackers to execute arbitrary JavaScript in the context of the user.