CVE-2023-30145, GHSA-x487-866m-p8hr
gem/camaleon_cms
Server-Side Template Injection in Camaleon CMS
Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.
All versions up to 2.7.0
Upgrade to version 2.7.1 or above.
2023-05-29
source |