exploitDog

GHSA-6p6p-x42g-j3hv

Опубликовано: 19 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.3

Описание

A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file.

A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file.

Ссылки

EPSS

Процентиль: 58%

0.00361

Низкий

8.3 High

CVSS3

CVE ID

Дефекты

CWE-1336

Связанные уязвимости

CVE-2025-67843

CVSS3: 8.3

nvd

около 2 месяцев назад

A Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file.

EPSS

Процентиль: 58%

0.00361

Низкий

8.3 High

CVSS3

CVE ID

Дефекты

CWE-1336