CVE-2025-43948

Published April 22nd, 2025

View on NVD ↗

CVSS v3

7.3

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier (such as for sorting), which will get executed on the server side.

Henkel-CyberVM/CVEs

CVE reports created by Henkel AG & Co. KGaA's Cyber Defense team.

GitHub