CVE-2023-30179

Posted on by admin

CVE-2023-30179

CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution.

Source: CVE-2023-30179

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다