Lucene search
HistoryMay 04, 2023 - 3:15 a.m.
CVE-2023-30331
beetl 3.15.0
server-side template injection
cve-2023-30331
render function
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.4%
An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload.
Affected configurations
Node
beetl_projectbeetlMatch3.150
Related
github
github
Server-side template injection in beetl
2023-05-04 03:30:22
veracode
veracode
Server-Side Template Injection(SSTI)
2023-05-11 03:41:17
cve
cve
CVE-2023-30331
2023-05-04 03:15:21
osv
osv
Server-side template injection in beetl
2023-05-04 03:30:22
prion
prion
Sql injection
2023-05-04 03:15:00
cvelist
cvelist
CVE-2023-30331
2023-05-04 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.4%
Related for NVD:CVE-2023-30331