Lucene search
Veracode Vulnerability DatabaseVERACODE:35862HistoryJun 03, 2022 - 11:00 a.m.
Remote Code Execution
2022-06-0311:00:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
0.005 Low
EPSS
Percentile
77.0%
formio is vulnerable to remote code execution. The vulnerability exists when deleting default email template which allows an attacker to execute arbitrary code via ssti.
| CPE | Name | Operator | Version |
|---|---|---|---|
| formio | eq | 2.0.0 | |
| formio | le | 3.1.0-rc.2 |
Related
prion
prion
Remote code execution
2022-06-02 14:15:00
vulnrichment
vulnrichment
CVE-2020-28246
2022-05-31 00:00:00
github
github
Server-Side Template Injection in formio
2022-06-03 00:00:58
cve
cve
CVE-2020-28246
2022-06-02 14:15:26
osv
osv
Server-Side Template Injection in formio
2022-06-03 00:00:58
CVE-2020-28246
2022-06-02 14:15:26
cvelist
cvelist
CVE-2020-28246
2022-05-31 00:00:00
nvd
nvd
CVE-2020-28246
2022-06-02 14:15:26