Описание
A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field.
EPSS
Процентиль: 8%
0.00029
Низкий
9.9 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.9
github
около 2 месяцев назад
A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field.
EPSS
Процентиль: 8%
0.00029
Низкий
9.9 Critical
CVSS3
Дефекты
CWE-94