EDB-52335webappsmultiple

Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI

Cristian Branet6/15/2025

在Exploit-DB查看在GitLab查看源代码

AI分析AI驱动

漏洞利用代码

Exploit code not available in database

在GitLab查看源代码

CVE-2025-49619

8.5HIGH

Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block. Improper sanitization of Jinja2 template input all

Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block. Improper sanitization of Jinja2 template input all...

6/7/2025CWE-1336

AI分析AI驱动

漏洞利用代码

相关CVE (1)

CVE-2025-49619

Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block. Improper sanitization of Jinja2 template input all