Описание
MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mrcms:mrcms:3.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00058
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 5.4
github
12 месяцев назад
MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
EPSS
Процентиль: 18%
0.00058
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-77