Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Crafty_controller
(Craftycontrol)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-15 | CVE-2025-5990 | An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. | Crafty_controller | 5.4 | ||
| 2024-02-03 | CVE-2024-1064 | A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header | Crafty_controller | 7.5 |