CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-14700

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.4%

CVSS Severity

CVSS v3 Score 9.9

References

https://gitlab.com/crafty-controller/crafty-4/-/issues/646

Products affected by CVE-2025-14700

Craftycontrol » Crafty Controller » Version: 4.6.1

cpe:2.3:a:craftycontrol:crafty_controller:4.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-14700

Products

Pricing

Contact Us