Description
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.
CVE vulnerabilities with CWE-1336 (180)
10.0
CVSS
CRITICAL
CVE-2025-34300
pub. 2025-07-16
10.0
CVSS
CRITICAL
CVE-2025-53833
pub. 2025-07-14
10.0
CVSS
CRITICAL
CVE-2025-47916
pub. 2025-05-16
10.0
CVSS
CRITICAL
CVE-2025-46661
pub. 2025-04-28
10.0
CVSS
CRITICAL
CVE-2024-32651
pub. 2024-04-26
9.9
CVSS
CRITICAL
CVE-2026-45312
pub. 2026-05-29
9.9
CVSS
CRITICAL
CVE-2026-9558
pub. 2026-05-29
9.9
CVSS
CRITICAL
CVE-2026-33897
pub. 2026-03-26
9.9
CVSS
CRITICAL
CVE-2026-1868
pub. 2026-02-09
9.9
CVSS
CRITICAL
CVE-2025-14700
pub. 2025-12-17
9.9
CVSS
CRITICAL
CVE-2025-32461
pub. 2025-04-09
9.9
CVSS
CRITICAL
CVE-2025-23211
pub. 2025-01-28
9.9
CVSS
CRITICAL
CVE-2024-12583
pub. 2025-01-04
9.9
CVSS
CRITICAL
CVE-2024-6386
pub. 2024-08-21
9.8
CVSS
CRITICAL
CVE-2026-45697
pub. 2026-05-29
9.8
CVSS
CRITICAL
CVE-2026-27641
pub. 2026-02-25
9.8
CVSS
CRITICAL
CVE-2026-25526
pub. 2026-02-04
9.8
CVSS
CRITICAL
CVE-2025-64087
pub. 2026-01-20
9.8
CVSS
CRITICAL
CVE-2022-23851
pub. 2025-12-17
9.8
CVSS
CRITICAL
CVE-2025-65602
pub. 2025-12-10
Showing 20 of 180 vulnerabilities