Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2023-1304

🗓️ 21 Mar 2023 17:11:15Reported by [email protected]Type 
nvd
 nvd🔗 web.nvd.nist.gov👁 7 Views

Exposure of getattr() method in Jinja template leads to OS command execution

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
CVE		CVE-2023-1304
21 Mar 202317:15
cve
Cvelist		CVE-2023-1304 Rapid7 InsightCloudSec getattr() method access
21 Mar 202316:45
cvelist
Prion		Code injection
21 Mar 202317:15
prion
Vulnrichment		CVE-2023-1304 Rapid7 InsightCloudSec getattr() method access
21 Mar 202316:45
vulnrichment
Nvd
Node
rapid7insightappsecRange<23.2.1self-managed
OR
rapid7insightcloudsecRange<2023.02.01managed
OR
rapid7insightcloudsecRange<2023.02.01saas

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
21 Mar 2023 17:15Current
8.6High risk
Vulners AI Score8.6
CVSS38.8
EPSS0.00133
CWE-94
authenticated attackeros commandsprivate methodsmanaged deploymentsaas deploymentself-managed versioninsightcloudsecsecurity patch
7
.json
Report