CVE-2025-70830

A Server-Side Template Injection SSTI vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field...

CVE-2025-70830

A Server-Side Template Injection SSTI vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field...

PT-2026-20267

Name of the Vulnerable Software and Affected Versions Datart version 1.0.0-rc.3 Description A Server-Side Template Injection SSTI flaw exists in the Freemarker template engine of Datart. Authenticated attackers can execute arbitrary code by injecting crafted Freemarker template syntax into the SQ...

CVE-2025-70830

CVE-2025-70830 describes a Server-Side Template Injection (SSTI) in the Freemarker template engine of Datart v1.0.0-rc.3. An authenticated attacker can inject crafted Freemarker template syntax into the SQL script field to achieve arbitrary code execution. Affected software: Datart (Freemarker te...

CVE-2021-24301

The Hotjar Connecticator WordPress plugin through 1.1.1 is vulnerable to Stored Cross-Site Scripting XSS in the 'hotjar script' textarea. The request did include a CSRF nonce that was properly verified by the server and this vulnerability could only be exploited by administrator users...