Astra Sites

Source repositories

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-47345	Med	0.38	5.9	0.00		Oct 6, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates astra-sites allows Stored XSS.This issue affects Starter Templates: from n/a through <= 4.4.0.
CVE-2025-24568	Med	0.28	4.3	0.00		Jan 24, 2025	Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates astra-sites allows Cross Site Request Forgery.This issue affects Starter Templates: from n/a through <= 4.4.9.

CVE-2024-47345MedOct 6, 2024
risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates astra-sites allows Stored XSS.This issue affects Starter Templates: from n/a through <= 4.4.0.
CVE-2025-24568MedJan 24, 2025
risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates astra-sites allows Cross Site Request Forgery.This issue affects Starter Templates: from n/a through <= 4.4.9.