Description
The product generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive.
CVE vulnerabilities with CWE-97 (7)
8.7
CVSS
HIGH
CVE-2023-53934
pub. 2025-12-18
8.5
CVSS
HIGH
CVE-2025-35996
pub. 2025-05-01
7.8
CVSS
HIGH
CVE-2025-21103
pub. 2025-02-17
7.8
CVSS
HIGH
CVE-2024-56363
pub. 2024-12-23
7.2
CVSS
HIGH
CVE-2024-37621
pub. 2024-06-17
7.2
CVSS
HIGH
CVE-2024-29686
pub. 2024-03-29
5.1
CVSS
MEDIUM
CVE-2025-36558
pub. 2025-05-01