
CVE-2023-30179

2023-06-13 17:15:14
CWE-94
web.nvd.nist.gov
craftcms
cve-2023-30179
ssti
rce
server-side template injection
security vulnerability
twig template
remote code execution

7.2 High

CVSS3

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.2 High (Confidence: High)

EPSS: 0.004 Low (Percentile: 73.6%)

CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject a Twig template into the User Photo Location field when setting the User Photo Location in User Settings, leading to Remote Code Execution. NOTE: the vendor disputes this because only Administrators can add this Twig code, and (by design) Administrators are allowed to do that by default.

Affected configurations

NVD node: craftcms craft_cms, version match 3.7.59

