exploitDog

GHSA-jc4p-rhvc-xg67

Опубликовано: 11 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.

Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2024-22722

CVSS3: 7.2

nvd

почти 2 года назад

Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.

EPSS

Процентиль: 23%

0.00076

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-94