CVE-2023-30145

CRITICAL9.8EPSS 53.3%

Server-Side Template Injection in Camaleon CMS

發布日:2023/5/26修改日:2024/2/16

描述

Camaleon CMS prior to 2.7.4 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the `formats` parameter.

來源	版本	嚴重程度	向量
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H