CVE-2023-25657
Summary: CVE-2023-25657 affects Nautobot before 1.5.7, where the Jinja2 template engine was not sandboxed, potentially enabling remote code execution. In Nautobot 1.5.7 and later, sandboxed environments are enabled for Jinja2 rendering for objects such as extras.ComputedField, extras.CustomLink, ...