Lucene search
K

17 matches found

CVE
CVE
added 2026/05/19 9:18 a.m.27 views

CVE-2026-29207

CVE-2026-29207 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06) and can enable an improper neutralization of template engine elements, with Low-Privilege server-side SSTI that can lead to RCE in the Content component. The recommended remediation is to upgrade to OFBiz 24.09.06 or later....

6.5CVSS5.7AI score0.00541EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.18 views

PT-2026-40350

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS6AI score0.00371EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 11:32 p.m.35 views

CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

6.5CVSS0.00333EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/21 12:30 a.m.10 views

CVE-2025-64087

A Server-Side Template Injection SSTI vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions...

9.8CVSS6.1AI score0.00504EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/08 3:12 p.m.4 views

CVE-2026-22244 OpenMetadata Server-Side Template Injection (SSTI) in FreeMarker email templates that leads to RCE

OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection SSTI in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 contains a patch...

9.4CVSS7.9AI score0.0076EPSS
Exploits1References2
CVE
CVE
added 2026/01/08 3:12 p.m.14 views

CVE-2026-22244

OpenMetadata is affected by CVE-2026-22244 due to Server-Side Template Injection (SSTI) in FreeMarker email templates. Affected versions: prior to 1.11.4; exploitation requires administrative privileges and can lead to remote code execution. OpenMetadata 1.11.4 contains a patch. References and Re...

9.4CVSS7.9AI score0.0076EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/01/08 3:12 p.m.9 views

CVE-2026-22244 OpenMetadata Server-Side Template Injection (SSTI) in FreeMarker email templates that leads to RCE

OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection SSTI in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 contains a patch...

9.4CVSS7.9AI score0.0076EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.8 views

PT-2026-2180

Name of the Vulnerable Software and Affected Versions OpenMetadata versions prior to 1.11.4 Description OpenMetadata is a unified metadata platform susceptible to remote code execution through Server-Side Template Injection SSTI within FreeMarker email templates. Exploitation requires an attacker...

9.4CVSS8AI score0.0076EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/07 7:33 p.m.25 views

OpenMetadata's Server-Side Template Injection (SSTI) in FreeMarker email templates leads to RCE

OpenMetadata RCE Vulnerability - Proof of Concept Executive Summary CRITICAL Remote Code Execution vulnerability confirmed in OpenMetadata v1.11.2 via Server-Side Template Injection SSTI in FreeMarker email templates. Credit - @lnlinh31, @satthusaosan, @TheMacCuoi, @get-wright, @Ohnooo1234,...

9.4CVSS6.1AI score0.0076EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/18 12:44 a.m.14 views

CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

9.8CVSS8.5AI score0.00594EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/10/17 9:31 p.m.11 views

MCMS vulnerable SQL injection via the content_title parameter

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 through 6.0.1 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

9.8CVSS8.6AI score0.00594EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/17 12:0 a.m.10 views

CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

0.00594EPSS
Exploits1References2
OSV
OSV
added 2025/10/17 12:0 a.m.8 views

CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

9.8CVSS8.6AI score0.00594EPSS
Exploits1References4
Veracode
Veracode
added 2025/09/01 9:4 a.m.5 views

Server-Side Request Forgery (SSRF)

Liferay Portal is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper access validation due to crafted URLs in FreeMarker templates that allow template editors to bypass restrictions...

5.1CVSS7AI score0.00215EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2021/02/19 11:15 p.m.4 views

CVE-2020-12873

An issue was discovered in Alfresco Enterprise Content Management ECM before 6.2.1. A user with privileges to edit a FreeMarker template e.g., a webscript may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco...

8.8CVSS6AI score0.01616EPSS
Exploits1References2
Snyk
Snyk
added 2020/04/09 11:33 a.m.4 views

Server-side Template Injection (SSTI)

Overview freemarker:freemarker is a FreeMarker is a "template engine"; a generic tool to generate text output based on templates. Affected versions of this package are vulnerable to Server-side Template Injection SSTI. By allowing user input into java.security.ProtectionDomain.getClassLoader,...

7.5CVSS7.6AI score
Exploits0References2
OSV
OSV
added 2017/12/13 3:29 p.m.3 views

CVE-2017-14589

It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their...

9.6CVSS5.9AI score0.01873EPSS
Exploits1References3
Rows per page
Query Builder