Vulnerabilities

CVE-2021-27903

by Fred · 30/06/2021

An issue was discovered in Craft CMS before 3.6.7. In some circumstances, a potential Remote Code Execution vulnerability existed on sites that did not restrict administrative changes (if an attacker were somehow able to hijack an administrator’s session).

Date published : 2021-06-30

https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#367—2021-02-23

https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#security

Related

Tags: Cybersecurity Alert