406 matches found
CVE-2025-23211 Tandoor Recipes - SSTI - Remote Code Execution
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server. In the case of the provided Docker Compose file as root. This vulnerability is fixed in 1.5.24...
CVE-2025-23211 Tandoor Recipes - SSTI - Remote Code Execution
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute commands on the server. In the case of the provided Docker Compose file as root. This vulnerability is fixed in 1.5.24...
PT-2025-4850
Name of the Vulnerable Software and Affected Versions: Tandoor Recipes versions prior to 1.5.24 Description: The issue is related to a Jinja2 SSTI vulnerability that allows any user to execute commands on the server, potentially with root privileges in the case of the provided Docker Compose file...
CVE-2024-56363
APTRS (Automated Penetration Testing Reporting System) v1.0 is affected by a server-side template injection in Jinja2 due to improper sanitization of user input passed from ckeditor fields. The vulnerability allows an attacker to inject Jinja2 syntax (e.g., {{ config }}, {{ self.class.mro[1].subc...
GO-2024-3324 SiYuan has an SSTI via /api/template/renderSprig in github.com/siyuan-note/siyuan/kernel
SiYuan has an SSTI via /api/template/renderSprig in github.com/siyuan-note/siyuan/kernel...
GHSA-4PJC-PWGQ-Q9JP SiYuan has an SSTI via /api/template/renderSprig
Summary Siyuan's /api/template/renderSprig endpoint is vulnerable to Server-Side Template Injection SSTI through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables Impact Information leakage...
SiYuan has an SSTI via /api/template/renderSprig
Summary Siyuan's /api/template/renderSprig endpoint is vulnerable to Server-Side Template Injection SSTI through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables Impact Information leakage...
AutoGPT SSTI Vulnerability Leading to Remote Code Execution (RCE)
Summary AutoGPT, an open-source AI tool that automates task execution, is vulnerable to a Server-Side Template Injection SSTI that could lead to arbitrary command execution. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation,...
Backstage Scaffolder plugin vulnerable to Server-Side Request Forgery
Impact A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an attacker to capture privileged git tokens used by the Backstage Scaffolder plugin. With these...
CVE-2024-53983
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2024-53983
The CVE concerns Backstage Scaffolder template handling where Server-Side Template Injection (SSTI) can be abused to inject Git config and capture privileged Git tokens used by the Backstage Scaffolder plugin. This enables unauthorized access to Git resources, with a medium impact per the Backsta...
CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2024-53983 Server-side request forgery in Backstage Scaffolder plugin
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection SSTI can be exploited to perform Git config injection. The vulnerability allows an...
CVE-2024-48962 Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE)
Improper Control of Generation of Code 'Code Injection', Cross-Site Request Forgery CSRF, : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.17. Users are recommended to upgrade to version 18.12.17,...
CVE-2024-52291
Craft is a content management system CMS. A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme e.g., file://file:////. This enables the attacker to specify sensitive folders as the file system, leading to potential file...
CVE-2024-52293
Craft is a content management system CMS. Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3...
CVE-2024-52291 Craft has a Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution
Craft is a content management system CMS. A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme e.g., file://file:////. This enables the attacker to specify sensitive folders as the file system, leading to potential file...
CVE-2024-52291 Craft has a Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution
Craft is a content management system CMS. A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme e.g., file://file:////. This enables the attacker to specify sensitive folders as the file system, leading to potential file...
CVE-2024-52293
Craft CMS prior to 4.12.2 and 5.4.3 is vulnerable due to missing normalizePath in FileHelper::absolutePath, enabling potential Remote Code Execution via Twig SSTI. This is a sequel to CVE-2023-40035. The issue is fixed in Craft 4.12.2 and 5.4.3. Affected versions should upgrade to the specified f...