Common Weakness Enumeration

CWE-1336

Allowed

Improper Neutralization of Special Elements Used in a Template Engine

Abstraction: Base · Status: Incomplete

The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

313 vulnerabilities reference this CWE, most recent first.

GHSA-3JGV-PFQJ-V626

Vulnerability from github – Published: 2024-04-26 06:30 – Updated: 2024-07-03 18:36
VLAI
Details

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-32406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-26T04:15:09Z",
    "severity": "HIGH"
  },
  "details": "Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.",
  "id": "GHSA-3jgv-pfqj-v626",
  "modified": "2024-07-03T18:36:57Z",
  "published": "2024-04-26T06:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32406"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/178251/Relate-Learning-And-Teaching-System-SSTI-Remote-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-46VF-C8GJ-2PGQ

Vulnerability from github – Published: 2024-04-22 21:31 – Updated: 2025-10-22 00:33
VLAI
Details

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4040"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336",
      "CWE-20",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-22T20:15:07Z",
    "severity": "HIGH"
  },
  "details": "VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.",
  "id": "GHSA-46vf-c8gj-2pgq",
  "modified": "2025-10-22T00:33:00Z",
  "published": "2024-04-22T21:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4040"
    },
    {
      "type": "WEB",
      "url": "https://github.com/airbus-cert/CVE-2024-4040"
    },
    {
      "type": "WEB",
      "url": "https://www.bleepingcomputer.com/news/security/crushftp-warns-users-to-patch-exploited-zero-day-immediately"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4040"
    },
    {
      "type": "WEB",
      "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
    },
    {
      "type": "WEB",
      "url": "https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update"
    },
    {
      "type": "WEB",
      "url": "https://www.rapid7.com/blog/post/2024/04/23/etr-unauthenticated-crushftp-zero-day-enables-complete-server-compromise"
    },
    {
      "type": "WEB",
      "url": "https://www.reddit.com/r/crowdstrike/comments/1c88788/situational_awareness_20240419_crushftp_virtual"
    },
    {
      "type": "WEB",
      "url": "https://www.reddit.com/r/cybersecurity/comments/1c850i2/all_versions_of_crush_ftp_are_vulnerable"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J89-2C4F-44C6

Vulnerability from github – Published: 2026-06-22 23:58 – Updated: 2026-06-22 23:58
VLAI
Summary
Gogs has DoS in rendering issue index pattern
Details

Summary

Special template of issue index pattern may cause panic.

Details

in internal/markup/markup.go

link = fmt.Sprintf(`<a href="%s">%s</a>`, com.Expand(metas["format"], metas), m)

Issue index pattern is rendered to link with com.Expand.

However, com.Expand is not safe.

i = strings.Index(template, "}")
if s, ok := match[template[:i]]; ok {

when { is found but } not found, i comes to 1, template[:-1] will be called, and then panicked

image

finally, all pages than contains issue index are unavailable.

PoC

  1. set issue index pattern as follow

image

  1. add a commit which point to an issue in its msg

image

using #1 above

Impact

DoS that cause part of pages of the specify repo unavailable.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.14.2"
      },
      "package": {
        "ecosystem": "Go",
        "name": "gogs.io/gogs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.14.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-52796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-22T23:58:17Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "### Summary\nSpecial template of issue index pattern may cause panic.\n\n### Details\n\nin internal/markup/markup.go\n\n```go\nlink = fmt.Sprintf(`\u003ca href=\"%s\"\u003e%s\u003c/a\u003e`, com.Expand(metas[\"format\"], metas), m)\n```\n\nIssue index pattern is rendered to link with `com.Expand`.\n\nHowever, `com.Expand` is not safe.\n\n```go\ni = strings.Index(template, \"}\")\nif s, ok := match[template[:i]]; ok {\n```\n\nwhen `{` is found but `}` not found, i comes to 1, template[:-1] will be called, and then panicked\n\n![image](https://user-images.githubusercontent.com/38121125/285883766-64873c44-d325-44ce-96a8-badbaadab178.png)\n\nfinally, all pages than contains issue index are unavailable.\n\n### PoC\n\n1. set issue index pattern as follow\n\n![image](https://user-images.githubusercontent.com/38121125/285878157-c5fe848e-0fbd-4fdb-92d4-5eb01df2b8ca.png)\n\n2. add a commit which point to an issue in its msg\n\n![image](https://user-images.githubusercontent.com/38121125/285879545-bc360503-49b9-453f-aa24-9a5c5a45cf10.png)\n\nusing `#1` above\n\n### Impact\n\nDoS that cause part of pages of the specify repo unavailable.",
  "id": "GHSA-4j89-2c4f-44c6",
  "modified": "2026-06-22T23:58:17Z",
  "published": "2026-06-22T23:58:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/gogs/gogs/security/advisories/GHSA-4j89-2c4f-44c6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gogs/gogs/pull/8312"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gogs/gogs/commit/0529d95fc39f2b6d2997b19a2a12e24522684722"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/gogs/gogs"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gogs/gogs/releases/tag/v0.14.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Gogs has DoS in rendering issue index pattern"
}

GHSA-4PJC-PWGQ-Q9JP

Vulnerability from github – Published: 2024-12-11 18:44 – Updated: 2024-12-12 19:20
VLAI
Summary
SiYuan has an SSTI via /api/template/renderSprig
Details

Summary

Siyuan's /api/template/renderSprig endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables

Impact

Information leakage

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/siyuan-note/siyuan/kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.0.0-20241210012039-5129ad926a21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-55660"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-12-11T18:44:47Z",
    "nvd_published_at": "2024-12-12T02:15:32Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nSiyuan\u0027s /api/template/renderSprig endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables\n\n### Impact\n\nInformation leakage",
  "id": "GHSA-4pjc-pwgq-q9jp",
  "modified": "2024-12-12T19:20:33Z",
  "published": "2024-12-11T18:44:47Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-4pjc-pwgq-q9jp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55660"
    },
    {
      "type": "WEB",
      "url": "https://github.com/siyuan-note/siyuan/commit/e70ed57f6e4852e2bd702671aeb8eb3a47a36d71"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/siyuan-note/siyuan"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-3324"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "SiYuan has an SSTI via /api/template/renderSprig"
}

GHSA-4PQH-3F6P-63C5

Vulnerability from github – Published: 2026-06-02 12:31 – Updated: 2026-06-02 12:31
VLAI
Details

Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed on the server. Successful exploitation can allow an attacker to run remote commands, including establishing a reverse shell.

This issue affects Wirtualna Uczelnia versions up to wu#2016.437.295#0#20260327_105545

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-34906"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T10:16:22Z",
    "severity": "CRITICAL"
  },
  "details": "Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed on the server. Successful exploitation can allow an attacker to run remote commands, including establishing a reverse shell.\n\nThis issue affects Wirtualna Uczelnia versions up to\u00a0wu#2016.437.295#0#20260327_105545",
  "id": "GHSA-4pqh-3f6p-63c5",
  "modified": "2026-06-02T12:31:25Z",
  "published": "2026-06-02T12:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34906"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/posts/2026/06/CVE-2026-34906"
    },
    {
      "type": "WEB",
      "url": "https://simple.com.pl/branze/edukacyjna"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-4R7V-WHPG-8RX3

Vulnerability from github – Published: 2024-10-15 18:05 – Updated: 2025-08-06 17:55
VLAI
Summary
changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution
Details

Summary

A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.

Details

changedetection.io version: 0.45.20

docker images
REPOSITORY                            TAG       IMAGE ID       CREATED        SIZE
dgtlmoon/changedetection.io           latest    53529c2e69f1   44 hours ago   423MB

The vulnerability is caused by the usage of vulnerable functions of Jinja2 template engine.

from jinja2 import Environment, BaseLoader
...
    # Get the notification body from datastore
    jinja2_env = Environment(loader=BaseLoader)
    n_body = jinja2_env.from_string(n_object.get('notification_body', '')).render(**notification_parameters)
    n_title = jinja2_env.from_string(n_object.get('notification_title', '')).render(**notification_parameters)

PoC

  1. Create/Edit a URL watch item
  2. Under Notifications tab insert this payload:
{{ self.__init__.__globals__.__builtins__.__import__('os').popen('id').read() }}

Screenshot from 2024-04-19 15-46-04

  1. See Telegram (or other supported messaging app) notification

Screenshot from 2024-04-19 16-02-12

Impact

In the PoC I've used id as payload and Telegram to read the result.
Attackers can run any system command without any restriction and they don't need to read the result in the notification app (e.g. they could use a reverse shell). The impact is critical as the attacker can completely takeover the server host. This can be reduced if changedetection access is protected by login page with a password, but this isn't required by the application (not by default and not enforced).

References

  • https://www.hacktivesecurity.com/blog/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/
  • https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection/jinja2-ssti
  • https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2/
  • https://docs.cobalt.io/bestpractices/prevent-ssti/

Credits

Edoardo Ottavianelli

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.45.20"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "changedetection.io"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.45.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-32651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-15T18:05:15Z",
    "nvd_published_at": "2024-04-26T00:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\nA Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.\n\n### Details\n\nchangedetection.io version: 0.45.20\n```\ndocker images\nREPOSITORY                            TAG       IMAGE ID       CREATED        SIZE\ndgtlmoon/changedetection.io           latest    53529c2e69f1   44 hours ago   423MB\n```\n\nThe vulnerability is caused by the usage of vulnerable functions of Jinja2 template engine.\n```python\nfrom jinja2 import Environment, BaseLoader\n...\n    # Get the notification body from datastore\n    jinja2_env = Environment(loader=BaseLoader)\n    n_body = jinja2_env.from_string(n_object.get(\u0027notification_body\u0027, \u0027\u0027)).render(**notification_parameters)\n    n_title = jinja2_env.from_string(n_object.get(\u0027notification_title\u0027, \u0027\u0027)).render(**notification_parameters)\n```\n\n\n### PoC\n1. Create/Edit a URL watch item\n2. Under *Notifications* tab insert this payload: \n```python\n{{ self.__init__.__globals__.__builtins__.__import__(\u0027os\u0027).popen(\u0027id\u0027).read() }}\n```\n![Screenshot from 2024-04-19 15-46-04](https://github.com/dgtlmoon/changedetection.io/assets/35783570/b6a5779f-fd1e-4708-9b2d-21cb97f0bb4f)\n\n3. See Telegram (or other supported messaging app) notification\n\n![Screenshot from 2024-04-19 16-02-12](https://github.com/dgtlmoon/changedetection.io/assets/35783570/20877919-d6fe-49f1-bbd2-586e900207f1)\n\n\n### Impact\nIn the PoC I\u0027ve used `id` as payload and Telegram to read the result.  \nAttackers can run any system command without any restriction and they don\u0027t need to read the result in the notification app (e.g. they could use a reverse shell).\nThe impact is critical as the attacker can completely takeover the server host.\nThis can be reduced if changedetection access is protected by login page with a password, but this isn\u0027t required by the application (not by default and not enforced).\n\n### References\n- https://www.hacktivesecurity.com/blog/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io/\n- https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection/jinja2-ssti\n- https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2/\n- https://docs.cobalt.io/bestpractices/prevent-ssti/\n\n### Credits\n\nEdoardo Ottavianelli",
  "id": "GHSA-4r7v-whpg-8rx3",
  "modified": "2025-08-06T17:55:27Z",
  "published": "2024-10-15T18:05:15Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32651"
    },
    {
      "type": "WEB",
      "url": "https://blog.hacktivesecurity.com/index.php/2024/05/08/cve-2024-32651-server-side-template-injection-changedetection-io"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dgtlmoon/changedetection.io"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dgtlmoon/changedetection.io/releases/tag/0.45.21"
    },
    {
      "type": "WEB",
      "url": "https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution"
}

GHSA-4RMR-C2JX-VX27

Vulnerability from github – Published: 2022-01-27 14:51 – Updated: 2022-08-11 17:05
VLAI
Summary
Mustache remote code injection vulnerability
Details

In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "mustache/mustache"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.14.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-0323"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-01-24T23:01:39Z",
    "nvd_published_at": "2022-01-21T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable.\n\n",
  "id": "GHSA-4rmr-c2jx-vx27",
  "modified": "2022-08-11T17:05:16Z",
  "published": "2022-01-27T14:51:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0323"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bobthecow/mustache.php/commit/579ffa5c96e1d292c060b3dd62811ff01ad8c24e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/mustache/mustache/CVE-2022-0323.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bobthecow/mustache.php"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bobthecow/mustache.php/releases/tag/v2.14.1"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Mustache remote code injection vulnerability"
}

GHSA-4W64-J7CG-53XC

Vulnerability from github – Published: 2023-04-24 21:30 – Updated: 2023-04-24 21:30
VLAI
Details

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-2259"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-24T21:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304.",
  "id": "GHSA-4w64-j7cg-53xc",
  "modified": "2023-04-24T21:30:30Z",
  "published": "2023-04-24T21:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2259"
    },
    {
      "type": "WEB",
      "url": "https://github.com/alfio-event/alf.io/commit/94e2923a317452e337393789c9f3192dfc1ddac2"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/e753bce0-ce82-463b-b344-2f67b39b60ff"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-527Q-4WQV-G9WJ

Vulnerability from github – Published: 2025-10-16 20:28 – Updated: 2025-10-16 21:54
VLAI
Summary
bagisto has Server Side Template Injection (SSTI) in Product Description
Details

Summary

Bagisto v2.3.7 is vulnerable to Server-Side Template Injection (SSTI) due to unsanitized user input being processed by the server-side templating engine when rendering product descriptions. This allows an attacker with product creation privileges to inject arbitrary template expressions that are evaluated by the backend — potentially leading to Remote Code Execution (RCE) on the server.

Details

In Bagisto, product descriptions are rendered through Laravel’s Blade templating engine in various front-end and admin views. The product description field is not sanitized or escaped before being passed to the view, which means user-supplied data can break out of the expected string context and execute arbitrary template code.

PoC

Create a product and enter the payload to the description. image Preview the page, observed that the template expressions were evaluated by the backend and displayed on the screen. image

Impact

RCE potential: Attackers can execute arbitrary PHP code or system commands. Data breach: Read sensitive environment variables (.env), API keys, or database credentials. Defacement / persistence: Inject malicious scripts or backdoors in dynamic templates. Privilege escalation: If attackers have limited roles (e.g., product manager), they can compromise the entire application or host.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.3.7"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "bagisto/bagisto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-62416"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-16T20:28:35Z",
    "nvd_published_at": "2025-10-16T19:15:34Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nBagisto v2.3.7 is vulnerable to Server-Side Template Injection (SSTI) due to unsanitized user input being processed by the server-side templating engine when rendering product descriptions. This allows an attacker with product creation privileges to inject arbitrary template expressions that are evaluated by the backend \u2014 potentially leading to Remote Code Execution (RCE) on the server.\n\n### Details\nIn Bagisto, product descriptions are rendered through Laravel\u2019s Blade templating engine in various front-end and admin views. The product description field is not sanitized or escaped before being passed to the view, which means user-supplied data can break out of the expected string context and execute arbitrary template code.\n\n### PoC\nCreate a product and enter the payload to the description.\n\u003cimg width=\"679\" height=\"669\" alt=\"image\" src=\"https://github.com/user-attachments/assets/1e5dac3f-4043-4b31-98ed-f4346feb5477\" /\u003e\nPreview the page, observed that the template expressions were evaluated by the backend and displayed on the screen.\n\u003cimg width=\"1431\" height=\"922\" alt=\"image\" src=\"https://github.com/user-attachments/assets/16f29c6e-05f4-40c4-9926-0c59e0a979c2\" /\u003e\n\n\n### Impact\nRCE potential: Attackers can execute arbitrary PHP code or system commands.\nData breach: Read sensitive environment variables (.env), API keys, or database credentials.\nDefacement / persistence: Inject malicious scripts or backdoors in dynamic templates.\nPrivilege escalation: If attackers have limited roles (e.g., product manager), they can compromise the entire application or host.",
  "id": "GHSA-527q-4wqv-g9wj",
  "modified": "2025-10-16T21:54:30Z",
  "published": "2025-10-16T20:28:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/bagisto/bagisto/security/advisories/GHSA-527q-4wqv-g9wj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62416"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bagisto/bagisto"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "bagisto has Server Side Template Injection (SSTI) in Product Description"
}

GHSA-565M-G33J-JQ96

Vulnerability from github – Published: 2026-07-06 16:52 – Updated: 2026-07-06 16:52
VLAI
Summary
Formie Hidden field defaults vulnerable to Server-Side Template Injection
Details

Summary

Formie Hidden fields could evaluate request-derived values as Twig during front-end form rendering.

When a Hidden field used a dynamic default value such as HTTP User Agent, Referer URL, Current URL, Query Parameter, or Cookie Value, the value was copied from the incoming request and later passed to Craft’s Twig rendering layer. This allowed an unauthenticated attacker to provide Twig syntax in request-controlled input and have it evaluated server-side when the form was rendered.

Affected Versions

verbb/formie for Craft 5: - Affected: >= 3.0.0-beta.1, <= 3.1.26 - Patched: 3.1.27

Impact

An unauthenticated attacker could trigger server-side template evaluation by visiting a public form containing a Hidden field configured with a request-derived default value.

Because Craft’s normal Twig environment exposes application objects, this may lead to disclosure of sensitive information, modification of application state, or remote code execution depending on the site configuration and available Twig capabilities.

Technical Details

The issue exists in the Hidden field front-end render path. Request-derived Hidden field defaults were assigned to the field’s defaultValue, then rendered via Twig in Hidden::getFrontEndInputOptions().

The fix ensures Twig rendering is only performed for the custom default option, where the template source is admin-authored. Request-derived default options are now treated as plain strings.

Patches

Update to Formie 3.1.27 or later.

Workarounds

Until patched, avoid using request-derived Hidden field defaults on public forms, including: - HTTP User Agent - HTTP Refer URL - Current URL - Current URL without Query String - Query Parameter - Cookie Value

Alternatively, remove affected Hidden fields from public forms until the update is applied.

Credit

Name: Yanchon918s Email: ao9s@ao9s.net

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "verbb/formie"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.27"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-52889"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1336"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-06T16:52:16Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "## Summary\nFormie Hidden fields could evaluate request-derived values as Twig during front-end form rendering.\n\nWhen a Hidden field used a dynamic default value such as HTTP User Agent, Referer URL, Current URL, Query Parameter, or Cookie Value, the value was copied from the incoming request and later passed to Craft\u2019s Twig rendering layer. This allowed an unauthenticated attacker to provide Twig syntax in request-controlled input and have it evaluated server-side when the form was rendered.\n\n## Affected Versions\n`verbb/formie` for Craft 5:\n- Affected: \u003e= 3.0.0-beta.1, \u003c= 3.1.26\n- Patched: 3.1.27\n\n## Impact\nAn unauthenticated attacker could trigger server-side template evaluation by visiting a public form containing a Hidden field configured with a request-derived default value.\n\nBecause Craft\u2019s normal Twig environment exposes application objects, this may lead to disclosure of sensitive information, modification of application state, or remote code execution depending on the site configuration and available Twig capabilities.\n\n## Technical Details\nThe issue exists in the Hidden field front-end render path. Request-derived Hidden field defaults were assigned to the field\u2019s defaultValue, then rendered via Twig in `Hidden::getFrontEndInputOptions()`.\n\nThe fix ensures Twig rendering is only performed for the custom default option, where the template source is admin-authored. Request-derived default options are now treated as plain strings.\n\n## Patches\nUpdate to Formie 3.1.27 or later.\n\n## Workarounds\nUntil patched, avoid using request-derived Hidden field defaults on public forms, including:\n- HTTP User Agent\n- HTTP Refer URL\n- Current URL\n- Current URL without Query String\n- Query Parameter\n- Cookie Value\n\nAlternatively, remove affected Hidden fields from public forms until the update is applied.\n\n## Credit\nName: Yanchon918s\nEmail: [ao9s@ao9s.net](mailto:ao9s@ao9s.net)",
  "id": "GHSA-565m-g33j-jq96",
  "modified": "2026-07-06T16:52:16Z",
  "published": "2026-07-06T16:52:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/verbb/formie/security/advisories/GHSA-565m-g33j-jq96"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/verbb/formie"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Formie Hidden field defaults vulnerable to Server-Side Template Injection"
}

Mitigation
Architecture and Design

Choose a template engine that offers a sandbox or restricted mode, or at least limits the power of any available expressions, function calls, or commands.

Mitigation
Implementation

Use the template engine's sandbox or restricted mode, if available.

No CAPEC attack patterns related to this CWE.