CVE-2017-8383
MEDIUMCraft CMS <2.6.2976 - Info Disclosure
Title source: llmDescription
Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.
Scores
CVSS v3
5.3
EPSS
0.0032
EPSS Percentile
54.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Classification
Status
published
Affected Products (3)
craftcms/craft_cms
< 2.6.2974
craftcms/cms
< 2.6.2976Packagist
n/a/n/a
Timeline
Published
May 01, 2017
Tracked Since
Feb 18, 2026