CVE-2025-53833 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side T…
Critical CVSS: 10.0

CVE-2025-53833

LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch.
Vendor
-
Product
-
CWE
CWE-1336
Yayın Tarihi
2025-07-14 23:15:24
Güncelleme
2025-07-15 13:14:24
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-1336 CRITICAL 2025

Referanslar

https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b https://github.com/saleem-hadad/larecipe/pull/390 https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2