PT-2023-33028 · Fief · Fief

Published: 2023-06-23 · Updated: 2023-06-23

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Fief (affected versions not specified)
Description: The issue is related to Server-Side Template Injection (SSTI), a vulnerability in application templating engines where user input is improperly handled and embedded into the template, possibly leading to code execution. An attacker can use SSTI to execute code on the underlying system by manipulating values within the embedded template. This can allow an attacker to run commands with the permissions of the exploited process or exploit Cross-Site Scripting (XSS) to run code within the user's browser. SSTI can lead to reputational damage for the business through a loss of user confidence and trust, and if an attacker successfully executes code on the underlying system, it can result in data theft and indirect financial losses.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Related identifiers

GHSA-HJ8M-9FHF-V7JP

Affected products

Fief