1042 matches found
PT-2026-38961
Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.4 Description The new GINA UI contains a server-side template injection SSTI—a flaw where an application embeds user input into a server-side template without proper validation—because an...
Yeti Platform 代码注入漏洞
Yeti Platform is an open-source daily threat intelligence platform developed by Yeti Platform. Versions of Yeti Platform prior to 2.1.12 contained a code injection vulnerability. This vulnerability stemmed from server-side template injection during the custom template export function, which could...
CVE-2024-46507
A SSTI server side template injection vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server...
CVE-2024-46507
A SSTI server side template injection vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server...
CVE-2026-33587
Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code and subsequently OS commands on the docker container via Server-Side Template Injection SSTI for user-created transformations...
CVE-2026-33587 Remote Code Execution (RCE) via Server-Side Template Injection (SSTI)
Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code and subsequently OS commands on the docker container via Server-Side Template Injection SSTI for user-created transformations...
PT-2026-38418
Name of the Vulnerable Software and Affected Versions Open Notebook version 1.8.3 Description Insufficient user input sanitization allows an application user to perform Server-Side Template Injection SSTI, a flaw where an attacker can inject malicious templates into a server-side engine. This...
CVE-2026-38431
ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection SSTI. An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered...
CVE-2026-38431
ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection SSTI. An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered...
CVE-2026-38431
ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection SSTI. An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered...
Expression Language Injection
Overview Affected versions of this package are vulnerable to Expression Language Injection when dynamically loading classes, which allows server-side template injection that crosses the intended sandbox boundary. An attacker can execute unauthorized expressions with the privileges of the server b...
WebPentestKit2
\ 🛡️ WebPentestKit2 \Advanced Web Application Exploitatio...
Server-Side Template Injection (SSTI)
getkirby/cms is vulnerable to Server-Side Template Injection SSTI. The vulnerability is due to improper enforcement of page status permissions during page creation through the REST API, which allows an attacker to create published pages directly and bypass the intended editorial workflow...
LiteLLM: Server-Side Template Injection in /prompts/test endpoint
Impact The POST /prompts/test endpoint accepted user-supplied prompt templates and rendered them without sandboxing. A crafted template could run arbitrary code inside the LiteLLM Proxy process. The endpoint only checks that the caller presents a valid proxy API key, so any authenticated user cou...
CVE-2026-34587 Kirby has Server-Side Template Injection (SSTI) via double template resolution in option rendering
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, Kirby's user permissions control which user role is allowed to perform specific actions to content models in the CMS. These permissions are defined for each role in the user blueprint site/blueprints/users/.... ...
CVE-2026-34587
Kirby CMS has a vulnerability (CVE-2026-34587) where the REST API could override the isDraft flag during page creation, bypassing the editorial workflow and allowing authenticated users with pages.create to publish pages immediately instead of creating drafts. Affected releases (prior to 4.9.0 an...
PT-2026-34816
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.0 Kirby versions prior to 5.4.0 Description Kirby contains two distinct issues. First, the REST API allows the isDraft flag to be overridden during page creation. This enables authenticated attackers with the...
CVE-2026-40478
A flaw was found in Thymeleaf, a server-side Java template engine. An unauthenticated remote attacker can exploit this vulnerability by providing unvalidated user input to the template engine. This bypasses existing security mechanisms, allowing for the execution of unauthorized expressions and...
CVE-2026-40477
A flaw was found in Thymeleaf, a server-side Java template engine. An unauthenticated remote attacker can exploit a security bypass vulnerability in the expression execution mechanisms. By providing unvalidated user input directly to the template engine, the attacker can bypass the library's...
Exploit for CVE-2026-4257
⚡ WordPress - Contact Form 7 - Unauthenticated SSTI To Remote...