Headline
CVE-2023-29689
PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.
Related news
Pyro CMS 3.9 Server-Side Template Injection
Pyro CMS version 3.9 suffers from a server-side template injection vulnerability.
GHSA-w7vm-4v3j-vgpw: PyroCMS remote code execution vulnerability
PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.