Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2024-0374 | Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions. |
![]() |
GHSA-j5g9-j7r4-6qvx | Craft CMS Privilege Escalation |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 17 Apr 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-04-17T18:35:24.623Z
Reserved: 2023-12-29T03:00:44.953Z
Link: CVE-2024-21622

Updated: 2024-08-01T22:27:35.206Z

Status : Modified
Published: 2024-01-03T17:15:12.330
Modified: 2024-11-21T08:54:44.617
Link: CVE-2024-21622

No data.

No data.