.. / CVE-2020-9757

Exploit for Craft CMS < 3.3.0 - Server-Side Template Injection (CVE-2020-9757)

Description:

Craft CMS before 3.3.0 is susceptible to server-side template injection via the SEOmatic component that could lead to remote code execution via malformed data submitted to the metacontainers controller.

Nuclei Template

View the template here CVE-2020-9757.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-9757.yaml

References:

https://github.com/nystudio107/craft-seomatic/commit/a1c2cad7e126132d2442ec8ec8e9ab43df02cc0f
https://github.com/nystudio107/craft-seomatic/blob/v3/CHANGELOG.md
https://github.com/nystudio107/craft-seomatic/commit/65ab659cb6c914c7ad671af1e417c0da2431f79b
https://nvd.nist.gov/vuln/detail/CVE-2020-9757
https://github.com/giany/CVE/blob/master/CVE-2020-9757.txt

.. / CVE-2020-9757 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Craft CMS < 3.3.0 - Server-Side Template Injection (CVE-2020-9757)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-9757