Vulnerability Details CVE-2023-30179

CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject a Twig template into the User Photo Location field when setting User Photo Location in User Settings, leading to Remote Code Execution. NOTE: the vendor disputes this because only Administrators can add this Twig code, and (by design) Administrators are allowed to do that by default.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.7%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2023-30179

