CVE-2025-70830 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrar…
Critical CVSS: 9.9

CVE-2025-70830

A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field.
Vendor
-
Product
-
CWE
CWE-94
Yayın Tarihi
2026-02-17 16:20:25
Güncelleme
2026-02-18 17:52:22
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-94 CRITICAL 2026

Referanslar

https://github.com/running-elephant/datart https://github.com/xiaoxiaoranxxx/CVE-2025-70830 https://portswigger.net/web-security/server-side-template-injection