CVE-2024-37621

High

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component…

mitre·CWE-97·Published 2024-06-17

CVSS

7.2

EPSS

0.01

KEV

Exploits

cve.orgen

152 chars

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component /shippingOptionConfig/index.blade.php.

NVDen

152 chars

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component /shippingOptionConfig/index.blade.php.

NVDes

178 chars

Se descubrió que StrongShop v1.0 contenía una vulnerabilidad de inyección de plantilla del lado del servidor (SSTI) a través del componente /shippingOptionConfig/index.blade.php.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.2	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.2	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H