CVE-2023-46245 HIGH

CVE-2023-46245: Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File

Vendor Kimai
Product kimai
Weakness CWE-1336
Published October 31, 2023
Last update August 2, 2024

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

Kimai is a web-based, multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to Server-Side Template Injection (SSTI) that escalates to Remote Code Execution (RCE). Kimai renders user-supplied custom Twig templates as part of its HTML and PDF export features; before 2.1.0 those templates were compiled and executed with the full, unrestricted Twig feature set, so an authenticated user with the (high) privileges needed to upload a custom Twig file could embed template expressions that invoke arbitrary PHP functions and run commands on the server as the web-server user. Version 2.1.0 enables security measures for custom Twig templates. The CVSS vector reflects this: the attack is network-reachable and needs no user interaction, but it requires a privileged account, which is why the score is High (7.2) rather than Critical.
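The following PHP script is an added illustration of the bug class, not Kimai's own code and not its fix: it renders a constructed "uploaded" Twig template once with an unrestricted environment, the shape of the pre-2.1.0 problem, and once under Twig's sandbox extension, the standard Twig hardening for untrusted templates. It assumes Twig 3.x installed with `composer require twig/twig`, a POSIX shell for the `id` command, and an allow-list policy chosen here for illustration; the template names, the `$context` data and the exact payload (`map('system')`, which relies on the `map` filter accepting a plain PHP callable when no sandbox is active, so behaviour can vary by Twig version) are all assumptions of this example.

```php
<?php
// Added example, not Kimai's code: why an untrusted Twig template is code
// execution, and what Twig's sandbox changes. Assumes Twig 3.x installed via
// `composer require twig/twig` and a POSIX shell providing the `id` command.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Extension\SandboxExtension;
use Twig\Loader\ArrayLoader;
use Twig\Sandbox\SecurityError;
use Twig\Sandbox\SecurityPolicy;

// Constructed "uploaded" templates (names and content are assumptions).
// The malicious one abuses the fact that, without a sandbox, the map filter
// accepts any PHP callable: every array element becomes an argument to system().
$templates = [
    'benign.html.twig'    => "Timesheet for {{ user|upper }}, {{ rows|length }} rows\n",
    'malicious.html.twig' => "Timesheet for {{ user }}\n{{ ['id']|map('system')|join('') }}\n",
];
$context = ['user' => 'alice', 'rows' => [1, 2, 3]];

/** Shape of the pre-2.1.0 problem: the custom template gets unrestricted Twig. */
function renderUnsandboxed(array $templates, string $name, array $context): string
{
    $twig = new Environment(new ArrayLoader($templates), ['autoescape' => false]);
    return $twig->render($name, $context);
}

/** Hardened: every template is compiled and run under an allow-list policy. */
function renderSandboxed(array $templates, string $name, array $context): string
{
    // Illustrative policy: only what a report template legitimately needs.
    $policy = new SecurityPolicy(
        ['if', 'for', 'set'],                                   // allowed tags
        ['escape', 'date', 'join', 'length', 'upper', 'lower'], // allowed filters
        [],                                                     // allowed object methods: none
        [],                                                     // allowed object properties: none
        ['range']                                               // allowed functions
    );
    $twig = new Environment(new ArrayLoader($templates), ['autoescape' => false]);
    // Second argument true: the sandbox applies to every template, not only to
    // code wrapped in a {% sandbox %} tag.
    $twig->addExtension(new SandboxExtension($policy, true));
    return $twig->render($name, $context);
}

echo "--- unsandboxed, malicious template ---\n";
echo renderUnsandboxed($templates, 'malicious.html.twig', $context);
// The output of `id` appears: the template executed a shell command as the
// user running PHP.

echo "--- sandboxed, benign template ---\n";
echo renderSandboxed($templates, 'benign.html.twig', $context);
// Legitimate templates still render: upper and length are on the allow-list.

echo "--- sandboxed, malicious template ---\n";
try {
    echo renderSandboxed($templates, 'malicious.html.twig', $context);
} catch (SecurityError $e) {
    // Twig refuses the template because the map filter is not on the allow-list.
    echo 'blocked: ', $e->getMessage(), "\n";
}
```

The practical check for an operator is the second argument to `SandboxExtension`: with the default `false`, only templates explicitly wrapped in `{% sandbox %}` are restricted, and an uploaded template rendered directly is still unrestricted. Sandboxing is a mitigation for the template engine only; restricting who may upload templates (the privileged role this CVE requires) and upgrading to 2.1.0 or later are the actual fixes.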

Key dates

02 Disclosure timeline

October 31, 2023 CVE published
August 2, 2024 Record updated
