How severe is CVE-2025-14700?

CVE-2025-14700 has a CVSS v3 score of 9.9 (CRITICAL).

CVE-2025-14700

Name: crafty_controller
Author: craftycontrol

9.9CRITICAL

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection

Опубликовано: 12/17/2025Обновлено: 12/23/2025

Описание

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection.

ИИ-АнализНа базе ИИ

Затронутые продукты

craftycontrolcrafty_controller

4.6.1

Ссылки

https://gitlab.com/crafty-controller/crafty-4/-/issues/646
Broken Link