3 matches found
CVE-2018-19907
A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file .ftl filetype that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a we...
CVE-2018-19907
Crafter CMS 3.0.18 is affected by a Server-Side Template Injection vulnerability. Attackers with developer privileges can cause the FreeMarker library call freemarker.template.utility.Execute while rendering a webpage by creating/editing a template file (.ftl), leading to OS command execution. Th...
CVE-2018-19907
A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file .ftl filetype that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a we...