Lucene search

CVE-2023-46245

🗓️ 31 Oct 2023 16:09:15Reported by GoogleType

osv🔗 osv.dev👁 19 Views

Kimai time-tracking app vulnerable to Server-Side Template Injection leading to Remote Code Execution

Reporter	Title	Published	Views	Family All 7
OSV	Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File	30 Oct 202315:40	–	osv
Veracode	Remote Code Execution/Server Side Template Injection	31 Oct 202309:50	–	veracode
Prion	Remote code execution	31 Oct 202316:15	–	prion
Cvelist	CVE-2023-46245 Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File	31 Oct 202315:06	–	cvelist
CVE	CVE-2023-46245	31 Oct 202316:15	–	cve
NVD	CVE-2023-46245	31 Oct 202316:15	–	nvd
Github Security Blog	Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File	30 Oct 202315:40	–	github

Source	Link
github	www.github.com/kimai/kimai/security/advisories/GHSA-fjhg-96cp-6fcw
github	www.github.com/kimai/kimai/commit/38e37f1c2e91e1acb221ec5c13f11b735bd50ae4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Oct 2023 16:15Current

8High risk

Vulners AI Score8

CVSS37.2

EPSS0.00155