Description
A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server.
Published: 2026-05-08
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A server side template injection flaw (CWE-94) in the custom template export function of yeti-platform yeti allows an attacker to inject malicious template content, which is then rendered and executed on the application server. This leads to code execution under the privileges of the web process, enabling full compromise of confidentiality and integrity of data stored on or processed by the server.

Affected Systems

Versions of yeti-platform yeti before 2.1.12 are impacted. No vendor or product names are available from the CNA; the flaw resides entirely within the application code of this platform.

Risk and Exploitability

The CVSS score of 7.3 indicates high severity, while the EPSS score of < 1% suggests a low probability of exploitation. This combination of high severity but low exploitation likelihood means the vulnerability permits remote code execution and is nevertheless considered a high risk threat. It is not listed in the CISA KEV catalog. The likely attack vector involves any user who can trigger the export function—either authenticated or unauthenticated depending on the platform’s access controls. Exploitation would require the attacker to supply crafted template data to the export endpoint, causing the server to evaluate and run that code.

Generated by OpenCVE AI on May 8, 2026 at 21:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade yeti-platform to version 2.1.12 or later to eliminate the vulnerability.
  • If an upgrade is not immediately possible, restrict or remove access to the custom template export endpoint from external traffic.
  • Implement input validation and sanitization on all template data received by the application to prevent malicious content from being rendered.

Generated by OpenCVE AI on May 8, 2026 at 21:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 08 May 2026 21:30:00 +0000

Type Values Removed Values Added
Title Server Side Template Injection in Yeti Custom Template Export Allows Remote Code Execution

Fri, 08 May 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Yeti-platform
Yeti-platform yeti
CPEs cpe:2.3:a:yeti-platform:yeti:*:*:*:*:*:*:*:*
Vendors & Products Yeti-platform
Yeti-platform yeti

Fri, 08 May 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 08 May 2026 06:45:00 +0000

Type Values Removed Values Added
Title Server Side Template Injection in Yeti Custom Template Export Allows Remote Code Execution
Weaknesses CWE-94

Fri, 08 May 2026 05:45:00 +0000

Type Values Removed Values Added
Description A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server.
References

Subscriptions

Yeti-platform Yeti
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-08T17:40:42.362Z

Reserved: 2024-09-11T00:00:00.000Z

Link: CVE-2024-46507

cve-icon Vulnrichment

Updated: 2026-05-08T17:40:21.177Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-08T06:16:09.840

Modified: 2026-05-08T19:52:49.787

Link: CVE-2024-46507

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T09:24:04Z

Weaknesses