Description Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder. Remediation References CVE-2017-8383 Related Vulnerabilities MySQL CVE-2019-2623 Vulnerability (CVE-2019-2623) EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14547) WordPress Plugin Podlove Podcast Publisher SQL Injection (2.5.3) WordPress Plugin Best Image Gallery & Responsive Photo Gallery-FooGallery Cross-Site Scripting (1.9.24) Jenkins Origin Validation Error Vulnerability (CVE-2024-23898) Severity Medium Classification CVE-2017-8383 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities