Security Advisories - craftcms/cms - Packagist

craftcms/cms Security Advisories for 4.15.2 (1)

[MEDIUM] Craft CMS stores arbitrary content provided by unauthenticated users in session files

PKSA-ht16-h36v-hxc7 CVE-2025-35939 GHSA-7vrx-9684-xrf2

Affected version: <4.15.3|>=5.0.0-alpha.1,<5.7.5

Reported by:
GitHub

	
		OSZAR »