Falhas do tipo CWE-1336
178 resultadosCVE-2023-34252HIGHGrav Server-side Template Injection via Insufficient Validation in filterFilterEPSS 2.1%CVE-2025-49828HIGHConjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Remote Code ExecutionEPSS 2.0%CVE-2021-39128HIGHAffected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA AdministrEPSS 1.8%CVE-2025-1040HIGHServer-Side Template Injection (SSTI) in significant-gravitas/autogptEPSS 1.5%CVE-2023-46245HIGHKimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig FileEPSS 1.5%CVE-2022-0896HIGHImproper Neutralization of Special Elements Used in a Template Engine in microweber/microweberEPSS 1.4%CVE-2024-12583CRITICALDynamics 365 Integration <= 1.3.23 - Authenticated (Contributor+) Remote Code Execution and Arbitrary File Read via Twig Server-Side Template InjectionEPSS 1.4%CVE-2024-45053CRITICALRemote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating EngineEPSS 1.3%CVE-2023-6743HIGHUnlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template importEPSS 1.3%CVE-2026-21450HIGHBagisto has SSTI in parameter that can lead to RCEEPSS 1.2%CVE-2023-29297CRITICALAdmin-to-admin stored XSS via cache poisoningEPSS 1.2%CVE-2025-46731HIGHCraft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTIEPSS 1.2%CVE-2024-41950HIGHInsecure Jinja2 templates rendered in Haystack Components can lead to RCEEPSS 1.2%CVE-2023-27995HIGHA improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an auEPSS 1.1%CVE-2024-30372HIGHAllegra getLinkText Server-Side Template Injection Remote Code Execution VulnerabilityEPSS 1.1%CVE-2024-32406HIGHServer-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code viaEPSS 1.1%CVE-2023-2259CRITICALImproper Neutralization of Special Elements Used in a Template Engine in alfio-event/alf.ioEPSS 1.1%CVE-2026-28697CRITICALCraft Affected by Authenticated RCE via "craft.app.fs.write()" in Twig TemplatesEPSS 1.1%CVE-2025-67843HIGHA Server-Side Template Injection (SSTI) vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attacEPSS 1.1%CVE-2026-27641CRITICALFlask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template InjectionEPSS 1.0%