PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| pyrocms/pyrocms(Packagist) | 0 | N/A | N/A |
CVSS Metrics
