Lucene search

Veracode Vulnerability DatabaseVERACODE:47502

HistoryJun 13, 2024 - 4:43 a.m.

Server-side Template Injection (SSTI)

2024-06-1304:43:13

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

server-side template injection

ssti

insufficient input sanitization

validation

malicious code

document merge service

vulnerability

templates

server execution

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

document_merge_service is vulnerable to Server-side Template Injection (SSTI). The vulnerability is due to insufficient input sanitization and validation in the handling of templates within the Document Merge Service, which allows attackers to inject malicious code into templates, which is then executed on the server when the template is processed.

CPENameOperatorVersion
document-merge-servicele6.5.1
document-merge-servicele6.5.1

CPE	Name	Operator	Version
	document-merge-service	le	6.5.1
	document-merge-service	le	6.5.1

References

book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection/jinja2-ssti

github.com/adfinis/document-merge-service/commit/a1edd39d33d1bdf75c31ea01c317547be90ca074

github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for VERACODE:47502