CVE-2023-46245

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-46245

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46245.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-46245

Aliases

GHSA-fjhg-96cp-6fcw

Published

2023-10-31T15:06:23.359Z

Modified

2025-12-06T00:07:36.682885Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig File

Details

Kimai is a web-based multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to a Server-Side Template Injection (SSTI) which can be escalated to Remote Code Execution (RCE). The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML rendering functionalities. Version 2.1.0 enables security measures for custom Twig templates.

Database specific

{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/46xxx/CVE-2023-46245.json",
    "cwe_ids": [
        "CWE-1336"
    ]
}

References

Affected packages

Git / github.com/kevinpapst/kimai2

Affected ranges

Type: GIT
Repo: https://github.com/kevinpapst/kimai2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46245.json"

Git / github.com/kimai/kimai

Affected ranges

Type: GIT
Repo: https://github.com/kimai/kimai
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

38e37f1c2e91e1acb221ec5c13f11b735bd50ae4

Affected versions

0.*

0.1

0.2

0.3

0.4

0.5

0.6

0.6.1

0.7

0.8

0.8.1

0.9

1.*

1.0

1.0.1

1.1

1.10

1.10.1

1.10.2

1.11

1.11.1

1.12

1.13

1.14

1.14.1

1.14.2

1.14.3

1.15

1.15.1

1.15.2

1.15.3

1.15.4

1.15.5

1.15.6

1.16

1.16.1

1.16.10

1.16.2

1.16.3

1.16.4

1.16.5

1.16.6

1.16.7

1.16.8

1.16.9

1.17

1.17.1

1.18

1.18.1

1.18.2

1.19

1.19.1

1.19.2

1.19.3

1.19.4

1.19.5

1.19.6

1.19.7

1.2

1.20

1.20.1

1.20.2

1.20.3

1.20.4

1.21.0

1.22.0

1.22.1

1.23.0

1.23.1

1.24.0

1.25.0

1.26.0

1.27.0

1.28.0

1.28.1

1.29.0

1.29.1

1.3

1.30.0

1.30.1

1.30.4

1.4

1.4.1

1.4.2

1.5

1.6

1.6.1

1.6.2

1.7

1.8

1.9

2.*

2.0.0

2.0.0-alpha

2.0.0-beta

2.0.0-beta-2

2.0.0-beta-3

2.0.0-rc-1

2.0.1

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.19

2.0.2

2.0.20

2.0.21

2.0.22

2.0.23

2.0.24

2.0.25

2.0.26

2.0.27

2.0.28

2.0.29

2.0.3

2.0.30

2.0.31

2.0.32

2.0.33

2.0.34

2.0.35

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46245.json"