Rive-N

**Name of the Vulnerable Software and Affected Versions** Cachet versions prior to 2.4 **Description** A template functionality in Cachet allows users to create templates, which can lead to the execution of any code on the server due to bad filtration and an old twig version. This issue can be exploited through the `/api/v1/incidents` API endpoint, where an attacker can control the `template` input passed to the `CreateIncidentCommandHandler.php` handler. If an attacker can control this data, they may be able to trigger a server-side template injection vulnerability, leading to remote code execution. The vulnerability exists in the processing of data by Cachet without filtration, not within the Twig library itself. **Recommendations** Update to Cachet version 2.4 or later to patch this issue. As a temporary workaround, consider filtering user-controlled data by a safe pattern to minimize the risk of exploitation. Restrict access to the `/api/v1/incidents` API endpoint for non-admin users to prevent triggering this vulnerability. Use sandboxed twig mode to limit the potential damage from template injection attacks.