Craft CMS 4.2.0.1
Approved changes feed: RSS · Atom
cpe:2.3:a:craftcms:craft_cms:4.2.0.1:*:*:*:*:*:*:*
part: a version: 4.2.0.1 update: *
| Vendor | Craftcms (251e238f-ce53-56ed-bc94-804b74356686) |
|---|---|
| Product | Craft Cms (a92c5963-2d04-59bc-90a5-a8f29f883095) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/craftcms/cms |
purl2cpe | 2026-06-01 10:17:10.366993 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-37251 |
vulnerable | 2026-06-08 05:47:11.805626 |
Details available
Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts.
Published: 2022-09-16T20:54:16.000Z
Updated: 2024-08-03T10:29:20.604Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-37250 |
vulnerable | 2026-06-08 05:47:11.805139 |
Details available
Craft CMS 4.2.0.1 suffers from Stored Cross Site Scripting (XSS) in /admin/myaccount.
Published: 2022-09-16T14:57:51.000Z
Updated: 2025-06-03T18:03:34.717Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-37248 |
vulnerable | 2026-06-08 05:47:11.804422 |
Details available
Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via src/helpers/Cp.php.
Published: 2022-09-16T15:09:46.000Z
Updated: 2024-08-03T10:29:20.735Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-37247 |
vulnerable | 2026-06-08 05:47:11.803827 |
Details available
Craft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.
Published: 2022-09-16T20:27:42.000Z
Updated: 2024-08-03T10:29:20.962Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-37246 |
vulnerable | 2026-06-08 05:47:11.803219 |
Details available
Craft CMS 4.2.0.1 is affected by Cross Site Scripting (XSS) in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and in specific on the line label: elementInfo.label.
Published: 2022-09-21T14:14:01.000Z
Updated: 2025-05-27T18:23:15.388Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.