Carlos Ortiz

**Name of the Vulnerable Software and Affected Versions** CrafterCMS versions 4.0.0 through 4.0.7 CrafterCMS versions 4.1.0 through 4.1.5 **Description** The issue affects CrafterCMS, allowing Directory Indexing and Resource Leak Exposure due to a 'Resource Leak' vulnerability. This vulnerability enables the transmission of private resources into a new sphere. **Recommendations** For CrafterCMS versions 4.0.0 through 4.0.7, update to version 4.0.8 or later. For CrafterCMS versions 4.1.0 through 4.1.5, update to version 4.1.6 or later.

**Name of the Vulnerable Software and Affected Versions** Crafter CMS versions (affected versions not specified) **Description** The issue allows unauthenticated remote attackers to read textual content via FreeMarker, including files in /scripts/*, /templates/*, and some non-binary files in /.git/*. This is related to security configuration errors in the content management system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.