
CWE-1336 — Vulnerability Class 118

118 vulnerabilities classified as CWE-1336. AI Chinese analysis included.

CWE-1336 is a critical injection weakness in which an application fails to neutralize user-supplied data before handing it to a template engine as template source. The engine then interprets attacker-supplied template expressions or code directives as executable logic rather than static text. The mistake is typically made when developers embed unvalidated user input directly into a template, and the result can be remote code execution, server-side request forgery, or leakage of sensitive data. To mitigate this risk, developers must strictly validate input, keep untrusted values out of the template source (supplying them as render-time data instead), and use the auto-escaping and sandbox features that modern template frameworks provide. Applying the principle of least privilege contains the impact if an injection does succeed, and regular security audits and static code analysis can flag unsafe template usage patterns before deployment.

MITRE CWE Description
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

Many web applications use template engines that allow developers to insert externally-influenced values into free text or messages in order to generate a full web page, document, message, etc. Such engines include Twig, Jinja2, Pug, Java Server Pages, FreeMarker, Velocity, ColdFusion, Smarty, and many others - including PHP itself. Some CMS (Content Management Systems) also use templates.

Template engines often have their own custom command or expression language. If an attacker can influence input into a template before it is processed, then the attacker can invoke arbitrary expressions, i.e. perform injection attacks. For example, in some template languages, an attacker could inject the expression "{{7*7}}" and determine if the output returns "49" instead. The syntax varies depending on the language.

In some cases, XSS-style attacks can work, which can obscure the root cause if the developer does not closely investigate the root cause of the error.

Template engines can be used on the server or client, so both "sides" could be affected by injection. The mechanisms of attack or the affected technologies might be different, but the mistake is fundamentally the same.
Common Consequences (1)
Integrity: Execute Unauthorized Code or Commands

Mitigations (2)
Architecture and Design: Choose a template engine that offers a sandbox or restricted mode, or at least limits the power of any available expressions, function calls, or commands.
Implementation: Use the template engine's sandbox or restricted mode, if available.
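As an added example (not part of this page or of MITRE's text), a small stdlib-only checker in the spirit of the static-analysis mitigation above: it flags Python calls that build template source from anything other than a string literal, the shape in which externally influenced input reaches the engine as code. The set of watched call names and the sample code it scans are assumptions constructed for this example.

```python
import ast
from typing import List, Optional, Tuple

# Calls whose first argument becomes *template source* rather than render data.
# Assumption: these names cover jinja2.Template, Environment.from_string and
# Flask's render_template_string; extend the set for other engines.
TEMPLATE_SOURCE_CALLS = {"Template", "from_string", "render_template_string"}


def _callee_name(node: ast.Call) -> Optional[str]:
    """Return the bare function or method name of a call, e.g. 'from_string'."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None


def find_unsafe_template_sources(source: str) -> List[Tuple[int, str]]:
    """Return (line, callee) for every template-source call whose first
    argument is not a string literal. A literal template with data passed at
    render time is the safe shape; a template string assembled from variables
    is the shape in which externally influenced input reaches the engine as code."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _callee_name(node)
        if name not in TEMPLATE_SOURCE_CALLS or not node.args:
            continue
        first = node.args[0]
        if isinstance(first, ast.Constant) and isinstance(first.value, str):
            continue  # literal template source: user data can only enter via render()
        findings.append((node.lineno, name))
    return findings


# Constructed sample to scan (not from any real project): one unsafe shape, one safe.
SAMPLE = '''
from jinja2 import Template
def greet_bad(name):
    return Template("Hello " + name).render()              # user data becomes template code
def greet_good(name):
    return Template("Hello {{ name }}").render(name=name)  # user data stays data
'''

if __name__ == "__main__":
    for line, callee in find_unsafe_template_sources(SAMPLE):
        print(f"line {line}: {callee}() built from non-literal template source")
```

The check is deliberately syntactic: it reports where template source is assembled dynamically and leaves it to review whether the value is actually externally influenced.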
CVE ID | Title | Product | CVSS | Severity | Published
(AI) marks values the listing shows with its AI badge.

CVE-2026-2969 | datapizza-labs datapizza-ai Jinja2 Template prompt.py ChatPromptTemplate special elements used in a template engine | datapizza-ai | 4.7 | Medium | 2026-02-23
CVE-2026-27464 | Metabase: Server-Side Template Injection via Notifications Endpoint Leads to RCE | metabase | 7.7 | High | 2026-02-21
CVE-2025-12107 | Potential authenticated Server-Side Template Injection (SSTI) vulnerability | WSO2 Identity Server | 8.4 | High | 2026-02-19
CVE-2026-1868 | Improper Neutralization of Special Elements Used in a Template Engine in GitLab AI Gateway | GitLab AI Gateway | 9.9 | Critical | 2026-02-09
CVE-2026-25731 | Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export | calibre | 7.8 | High | 2026-02-06
CVE-2026-25526 | JinJava Bypass through ForTag leads to Arbitrary Java Execution | jinjava | 9.8 | Critical | 2026-02-04
CVE-2025-46699 | Dell Data Protection Advisor security vulnerability | Data Protection Advisor | 4.3 | Medium | 2026-01-23
CVE-2026-23626 | Kimai Vulnerable to Authenticated Server-Side Template Injection (SSTI) | kimai | 6.8 | Medium | 2026-01-18
CVE-2026-22244 | OpenMetadata Server-Side Template Injection (SSTI) in FreeMarker email templates that leads to RCE | OpenMetadata | 7.2 | - | 2026-01-08
CVE-2025-68454 | Craft CMS vulnerable to potential authenticated Remote Code Execution via Twig SSTI | cms | 7.2 | - | 2026-01-05
CVE-2026-21450 | Bagisto has SSTI in parameter that can lead to RCE | bagisto | 9.8 | - | 2026-01-02
CVE-2026-21449 | Bagisto has SSTI via first and last name from low-privilege user (not admin) | bagisto | 9.9 | - | 2026-01-02
CVE-2026-21448 | Bagisto has Normal & Blind SSTI from low-privilege user when ordering product | bagisto | 8.8 | - | 2026-01-02
CVE-2025-68929 | Frappe may be vulnerable to remote code execution due to server-side template injection | frappe | 9.1 | Critical | 2025-12-29
CVE-2025-67843 | Mintlify security vulnerability | Mintlify Platform | 8.3 | High | 2025-12-19
CVE-2025-14700 | Improper Neutralization of Special Elements Used in a Template Engine in Crafty Controller | Crafty Controller | 9.9 | Critical | 2025-12-17
CVE-2025-14731 | CTCMS Content Management System Frontend/Template Management CT_Parser.php special elements used in a template engine | Content Management System | 6.3 | Medium | 2025-12-15
CVE-2024-58303 | FoF Pretty Mail 1.1.2 Server Side Template Injection via Email Template Settings | FriendsofFlarum Pretty Mail | 7.2 (AI) | High (AI) | 2025-12-11
CVE-2024-58293 | Akaunting 3.1.8 Server-Side Template Injection via Multiple Form Fields | Akaunting | 7.2 (AI) | High (AI) | 2025-12-11
CVE-2025-66298 | Grav is vulnerable to Server-Side Template Injection (SSTI) via Forms | grav | 5.3 (AI) | Medium (AI) | 2025-12-01
CVE-2025-66297 | Grav vulnerable to Privilege Escalation and Authenticated Remote Code Execution via Twig Injection | grav | 7.2 (AI) | High (AI) | 2025-12-01
CVE-2025-66361 | Logpoint SIEM security vulnerability | SIEM | 6.5 | - | 2025-11-27
CVE-2025-65106 | LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates | langchain | 8.8 | - | 2025-11-21
CVE-2025-37729 | Elastic Cloud Enterprise (ECE) Improper Neutralization of Special Elements Used in a Template Engine | Elastic Cloud Enterprise (ECE) | 9.1 | Critical | 2025-10-13
CVE-2025-54287 | Arbitrary File Read via Template Injection in Snapshot Patterns | LXD | 6.5 (AI) | Medium (AI) | 2025-10-02
CVE-2025-10380 | Advanced Views – Display Posts, Custom Fields, and More <= 3.7.19 - Authenticated (Author+) Remote Code Execution via SSTI | Advanced Views – Display Custom Fields (ACF, Pods, MetaBox), Posts, CPT and Woo Products anywhere in Gutenberg, Elementor, Divi, Beaver… | 8.8 | High | 2025-09-23
CVE-2025-59340 | jinjava Sandbox Bypass via JavaType-Based Deserialization | jinjava | 9.8 | Critical | 2025-09-17
CVE-2025-35113 | Agiloft improper neutralization in EUI template engine | Agiloft | 5.9 | Medium | 2025-08-26
CVE-2025-57811 | Craft Potential Remote Code Execution via Twig SSTI | cms | 9.8 (AI) | Critical (AI) | 2025-08-25
CVE-2025-9094 | ThingsBoard Add Gateway special elements used in a template engine | ThingsBoard | 4.3 | Medium | 2025-08-17

Vulnerabilities classified as CWE-1336 represent 118 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.