APTRS has SSTI vulnerability

APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for penetration testers and security organizations. In 1.0, there is a vulnerability in the web application's handling of user-supplied input that is incorporated into a Jinja2 template. Specifically, when user input is improperly sanitized or validated, an attacker can inject Jinja2 syntax into the template, causing the server to execute arbitrary code. For example, an attacker might be able to inject expressions like {{ config }}, {{ self.class.mro[1].subclasses() }}, or more dangerous payloads that trigger execution of arbitrary Python code. The vulnerability can be reproduced by submitting crafted input to all the template fields handled by ckeditor, that are passed directly to a Jinja2 template. If the input is rendered without sufficient sanitization, it results in the execution of malicious Jinja2 code on the server.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Web页面中服务端引用(SSI)转义处理不恰当

APTRS 安全漏洞

APTRS（Automated Penetration Testing Reporting System）是APTRS开源的一款基于 Python 和 Django 的自动报告工具。专为渗透测试人员和安全组织而设计。 APTRS 1.0版本存在安全漏洞，该漏洞源于web应用中输入清理不当，允许攻击者注入Jinja2语法，导致服务器执行任意代码。

N/A

N/A