European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template Injection (SSTI) with a crafted template file. The attacker must have template manager permission.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-02T00:00:00
Updated: 2024-08-02T11:53:52.917Z
Reserved: 2023-02-25T00:00:00
Link: CVE-2023-26546
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-02T20:15:10.757
Modified: 2023-05-10T14:29:42.873
Link: CVE-2023-26546
Redhat
No data.