CVE-2024-37621

2024-06-1714:15:11

[email protected]

web.nvd.nist.gov

strongshop v1.0

server-side template injection

shippingoptionconfig

index.blade.php

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component /shippingOptionConfig/index.blade.php.

References

github.com/Hebing123/cve/issues/47

www.strongshop.cn