CVE-2025-43948

High CVSS: 7.3

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier (such as for sorting), which will get executed on the server side.

Vendor

Product

CWE

CWE-77

Yayın Tarihi

2025-04-22 18:16:01

Güncelleme

2025-04-23 14:08:13

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 HIGH 2025

Referanslar

https://de.linkedin.com/company/codemers https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43948