CVE-2024-29686
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/03/2024
Last modified:
28/05/2025
Description
Server-side Template Injection (SSTI) vulnerability in Winter CMS v.1.2.3 allows a remote attacker to execute arbitrary code via a crafted payload to the CMS Pages field and Plugin components. NOTE: the vendor disputes this because the payload could only be entered by a trusted user, such as the owner of the server that hosts Winter CMS, or a developer working for them.
Impact
Base Score 3.x
7.20
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:wintercms:winter:1.2.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://forum.ksec.co.uk/t/webapps-winter-cms-1-2-3-server-side-template-injection-ssti-authenticated/2779
- https://wintercms.com/docs/v1.2/docs/cms/themes#template-structure
- https://www.exploit-db.com/exploits/51893
- https://forum.ksec.co.uk/t/webapps-winter-cms-1-2-3-server-side-template-injection-ssti-authenticated/2779
- https://wintercms.com/docs/v1.2/docs/cms/themes#template-structure
- https://www.exploit-db.com/exploits/51893