CVE-2024-29686

Published: Mar 29, 2024Modified: May 28, 2025

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Server-side Template Injection (SSTI) vulnerability in Winter CMS v.1.2.3 allows a remote attacker to execute arbitrary code via a crafted payload to the CMS Pages field and Plugin components. NOTE: the vendor disputes this because the payload could only be entered by a trusted user, such as the owner of the server that hosts Winter CMS, or a developer working for them.

Affected (1)

Products: Wintercms: Winter

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wintercms Winter	Version 1.2.3

Related CWEs

Improper Neutralization of Server-Side Includes (SSI) Within a Web Page

The product generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.

References (6)

https://forum.ksec.co.uk/t/webapps-winter-cms-1-2-3-server-side-template-injection-ssti-authenticated/2779

Source: cve@mitre.org

Third Party Advisory

https://wintercms.com/docs/v1.2/docs/cms/themes#template-structure

Source: cve@mitre.org

Product

https://www.exploit-db.com/exploits/51893

Source: cve@mitre.org

ExploitThird Party Advisory

https://forum.ksec.co.uk/t/webapps-winter-cms-1-2-3-server-side-template-injection-ssti-authenticated/2779

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://wintercms.com/docs/v1.2/docs/cms/themes#template-structure

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://www.exploit-db.com/exploits/51893

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.