CVE-2025-70830

Published
View on NVD ↗
CVSS v3
9.9
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS

Description

A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field.

running-elephant/datart
running-elephant/datart
Datart is a next generation Data Visualization Open Platform
GitHubGitHub
2.29K
xiaoxiaoranxxx/CVE-2025-70830
xiaoxiaoranxxx/CVE-2025-70830
A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1.0.0-rc.3 allows authenticated attackers to execute arbitrary code via injecting crafted Freemarker template syntax into the SQL script field.
GitHubGitHub
5