Vulnerability Details CVE-2021-42651
A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-42651
-
cpe:2.3:a:pentest_collaboration_framework_project:pentest_collaboration_framework:1.0.8