Description
Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed on the server. Successful exploitation can allow an attacker to run remote commands, including establishing a reverse shell.

This issue affects Wirtualna Uczelnia versions up to wu#2016.437.295#0#20260327_105545
Published: 2026-06-02
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a Server‑Side Template Injection that allows an unauthenticated attacker to inject and execute arbitrary template expressions through the redirectToUrl endpoint and the redirectUrlParameter. This flaw permits the attacker to run server‑side code and achieve full remote control, including establishing a reverse shell. The weakness is an input validation defect pointed to by CWE‑1336.

Affected Systems

Affected versions are all releases of Wirtualna Uczelnia from Simple SA up to wu#2016.437.295#0#20260327_105545. No other vendor or product versions are listed.

Risk and Exploitability

With a CVSS score of 9.3 the flaw is classified as critical; the EPSS score is unavailable, so current exploitation probability is unknown, and the vulnerability is not in the CISA KEV catalog. An attacker can exploit the flaw without authentication, making it highly attractive. The lack of a published exploit does not reduce the risk, as the underlying mechanics are trivial to craft given the surface exposed by the unvalidated redirectUrlParameter.

Generated by OpenCVE AI on June 2, 2026 at 11:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Promptly upgrade to a patched release of Wirtualna Uczelnia that is newer than wu#2016.437.295#0#20260327_105545.
  • If no patch is immediately available, block unauthenticated access to the redirectToUrl endpoint using network controls or configuration changes, and ensure only a whitelist of safe URLs can be used.
  • Enforce strict server‑side input validation to reject any template syntax in the redirectUrlParameter before processing, thereby closing the injection route. The validation must be context‑aware to avoid legitimate placeholders.
  • If the redirect functionality is not essential, consider disabling or removing the redirectToUrl endpoint entirely to eliminate the attack vector.

Generated by OpenCVE AI on June 2, 2026 at 11:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Simple Sa
Simple Sa wirtualna Uczelnia
Vendors & Products Simple Sa
Simple Sa wirtualna Uczelnia

Tue, 02 Jun 2026 10:00:00 +0000

Type Values Removed Values Added
Description Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template expressions that are executed on the server. Successful exploitation can allow an attacker to run remote commands, including establishing a reverse shell. This issue affects Wirtualna Uczelnia versions up to wu#2016.437.295#0#20260327_105545
Title Server-Side Template Injection (SSTI) in Wirtualna Uczelnia
Weaknesses CWE-1336
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}

Subscriptions

Simple Sa Wirtualna Uczelnia
cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-06-02T08:31:02.827Z

Reserved: 2026-03-31T12:34:08.476Z

Link: CVE-2026-34906

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-02T10:16:22.733

Modified: 2026-06-02T10:16:22.733

Link: CVE-2026-34906

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-02T12:30:08Z

Weaknesses