Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection (SSTI). An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered.
AnalysisAI
Server-Side Template Injection in ERPNext v15.103.1 and earlier allows remote code execution through malicious email templates. Attackers with email template editing permissions can inject Jinja2 expressions that execute arbitrary Python code on the server when templates are rendered. SSVC framework confirms POC availability and automatable exploitation with total technical impact. CVSS 9.8 reflects network-reachable critical severity, though the 0.02% EPSS score (5th percentile) suggests limited real-world exploitation attempts to date, likely due to the permission prerequisite.
Technical ContextAI
ERPNext is an open-source ERP system built on the Frappe framework, which uses Jinja2 templating for email generation and other dynamic content rendering. This vulnerability stems from CWE-94 (Improper Control of Generation of Code), specifically server-side template injection where user-controlled input is passed unsanitized to the Jinja2 template engine. When ERPNext renders email templates containing attacker-controlled expressions like {{7*7}} or more malicious payloads accessing Python's built-in functions, the server evaluates these as code rather than data. The Frappe framework's template rendering mechanism fails to properly sandbox or validate template content, allowing privileged users to escalate from template editing to arbitrary code execution. This is a classic SSTI vulnerability pattern affecting many Python web frameworks that expose template engines without sufficient input validation or sandboxing.
RemediationAI
Upgrade ERPNext to version 15.103.2 or later once a patched release is available from Frappe Technologies (check https://github.com/frappe/erpnext/releases and https://github.com/frappe/frappe/releases for updates). No vendor-released patch version is independently confirmed from available data at time of analysis. Until patches are available, implement compensating controls: restrict email template creation and editing permissions to only highly trusted administrators through ERPNext's role-based access control system (System Settings > Role Permissions Manager), removing Template Editor and Email Template write permissions from standard user roles. Enable audit logging for all template modifications to detect potential abuse. Review existing email templates for suspicious Jinja2 expressions containing double curly braces {{}} that reference system functions, subprocess modules, or file operations. Consider deploying ERPNext in containerized environments with restricted system call capabilities (seccomp profiles) and read-only filesystem mounts where feasible to limit post-exploitation impact. Note that permission restrictions reduce usability for legitimate template customization workflows and should be balanced against operational requirements.
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-27402
GHSA-qwh3-h35h-9j9f