Medium severity5.3NVD Advisory· Published May 1, 2017· Updated May 13, 2026
CVE-2017-8383
CVE-2017-8383
Description
Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
craftcms/cmsPackagist | < 2.6.2976 | 2.6.2976 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- craftcms.com/changelognvdRelease NotesVendor AdvisoryWEB
- github.com/advisories/GHSA-7qq6-fgpw-xw45ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-8383ghsaADVISORY
- twitter.com/CraftCMS/status/857743080224473088nvdVendor AdvisoryWEB
News mentions
0No linked articles in our index yet.