Craft CMS Vulnerable to Server-Side Template Injection
High severity
GitHub Reviewed
Published May 13, 2022 to the GitHub Advisory Database • Updated Apr 25, 2024

Published by the National Vulnerability Database: Dec 25, 2018
Published to the GitHub Advisory Database: May 13, 2022
Reviewed: Apr 25, 2024
Last updated: Apr 25, 2024

Description
Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% ... %} Twig tag referencing craft.app.config.DB.user and craft.app.config.DB.password in the URI Format field of the Site Settings, which causes the cleartext database username and password to be displayed in a URI field.

Exploitation requires an account that is allowed to edit Site Settings; the URI Format field is rendered as a Twig template, so the full craft.app object, including the database credentials in its configuration, is reachable from a value an administrator types into that field.
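The following is an added example, not Craft CMS code and not the reporter's proof of concept. It reproduces the pattern in plain Twig: an admin-supplied URI Format string is rendered once with an application object in scope and no restrictions, and once inside a Twig sandbox with a deny-by-default security policy. The App, Config and DbConfig classes, the credential values and the payload shape are constructed stand-ins; the only assumption about the real system is that the field is a Twig template with a craft.app variable available. Requires twig/twig installed via Composer.

```php
<?php
// Added example: SSTI through an admin-editable template field, shown
// unsandboxed (vulnerable) and sandboxed (hardened). Not project code.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;

// Constructed stand-ins for the application object a CMS exposes to templates.
// The credential values are sample data, not real secrets.
final class DbConfig
{
    public string $user = 'craft_db';
    public string $password = 'sample-password';
}

final class Config
{
    public DbConfig $DB;
    public function __construct() { $this->DB = new DbConfig(); }
}

final class App
{
    public Config $config;
    public function __construct() { $this->config = new Config(); }
}

// "craft" as seen from a template: an object whose "app" property is the App.
final class CraftVariable
{
    public App $app;
    public function __construct() { $this->app = new App(); }
}

// Vulnerable: the field is compiled and rendered like any other template, so
// every object in the context, including the application config, is reachable.
function renderUnsandboxed(string $uriFormat, array $context): string
{
    $twig = new Environment(new ArrayLoader());
    return $twig->createTemplate($uriFormat)->render($context);
}

// Hardened: the same string rendered under a sandbox policy that allows only
// the "if" tag and the "escape" filter and no methods, properties or functions.
// Array access (entry.slug) is not subject to the policy, so element data still
// works, while any tag, property or method outside the allow-lists throws
// a Twig\Sandbox\SecurityError at compile or render time.
function renderSandboxed(string $uriFormat, array $context): string
{
    $policy = new SecurityPolicy(
        ['if'],      // allowed tags
        ['escape'],  // allowed filters
        [],          // allowed methods, keyed by class name
        [],          // allowed properties, keyed by class name
        []           // allowed functions
    );
    $twig = new Environment(new ArrayLoader());
    // Second argument true: every template compiled by this environment is sandboxed.
    $twig->addExtension(new SandboxExtension($policy, true));
    return $twig->createTemplate($uriFormat)->render($context);
}

// Context as a URI Format would see it: element data plus the craft variable.
$context = [
    'entry' => ['slug' => 'hello-world'],   // constructed element data
    'craft' => new CraftVariable(),
];

// Assumed payload shape: a {% ... %} tag that pulls the DB config into a local
// variable, then outputs its fields into the generated URI.
$uriFormat = '{{ entry.slug }}-{% set c = craft.app.config.DB %}{{ c.user }}:{{ c.password }}';

echo 'unsandboxed: ', renderUnsandboxed($uriFormat, $context), PHP_EOL;

try {
    echo 'sandboxed: ', renderSandboxed($uriFormat, $context), PHP_EOL;
} catch (SecurityError $e) {
    echo 'sandboxed: blocked (', get_class($e), '): ', $e->getMessage(), PHP_EOL;
}
```

The unsandboxed call emits the slug followed by the database user and password, which is the disclosure the advisory describes. The sandboxed call never gets that far: the `{% set %}` tag is rejected when the template is compiled, and even a payload that used only `{{ craft.app.config.DB.user }}` would be stopped by the empty property allow-list when `craft.app` is dereferenced. A sandbox is defence in depth; the more direct fix is to render administrator-editable template fields with a minimal context that does not contain the application object at all.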