Craftycontrol: >> Crafty Controller Security Vulnerabilities
An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection.
CVSS Score
9.9
EPSS Score
0.002
Published
2025-12-17
An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-12-17
An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.
CVSS Score
7.6
EPSS Score
0.0
Published
2025-06-15
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header
CVSS Score
7.5
EPSS Score
0.005
Published
2024-02-03