CVE-2025-3805 – Jinja2 Template Handler Local File Injection Vulnerability in Sarrionandia Tournatrack

April 20, 2025

CVE ID : CVE-2025-3805

Published : April 19, 2025, 4:15 p.m. | 12 hours, 38 minutes ago

Description : A vulnerability classified as critical was found in sarrionandia tournatrack up to 4c13a23f43da5317eea4614870a7a8510fc540ec. Affected by this vulnerability is an unknown functionality of the file check_id.py of the component Jinja2 Template Handler. The manipulation of the argument ID leads to injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleWindows 11 File Explorer gets better theme accent support, progress bar looks darker

Next Article CVE-2025-3804 – Thautwarm VSCode-Diana Jinja2 Template Handler Injection Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

7 reasons The Division 2 is a game you should be playing in 2025

Mastering TypeScript: How Complex Should Your Types Be?

Mastering TypeScript: How Complex Should Your Types Be?

IDMC – CDI Best Practices

PWC-IDMC Migration Gaps

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2025-3805 – Jinja2 Template Handler Local File Injection Vulnerability in Sarrionandia Tournatrack

High-Severity Flaw in MIM Medical Imaging Software Allows Code Execution!

Amazon Alerts: High-Severity FreeRTOS-Plus-TCP Flaw Needs Immediate Patch!

Quick Glossary: Payroll

CVE-2025-37992 – Linux Kernel net_sched NULL Pointer Dereference Vulnerability

That new Elden Ring Nightreign trailer has me more excited than ever for the roguelike RPG, but one thing has me worried

HydePHP – The Static Site Generator with Caen De Silva

LifelongAgentBench: A Benchmark for Evaluating Continuous Learning in LLM-Based Agents

DeepMind’s latest research at ICLR 2023

Apple Intelligence Foundation Language Models

Microsoft’s End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now

CVE-2025-3805 – Jinja2 Template Handler Local File Injection Vulnerability in Sarrionandia Tournatrack

Related Posts