Smartadmin

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-3725 MEDIUM This Month

SmartAdmin versions up to 3.29 contain a template injection vulnerability in the FreeMarker template handler that allows authenticated remote attackers to manipulate template content and achieve code execution. The flaw exists in the MailService component's freemarkerResolverContent function and has a public exploit available. Since no patch is available and the vendor has not responded, organizations using affected versions should immediately assess exposure and consider alternative solutions.

Java Information Disclosure Smartadmin

NVD VulDB

CVSS 3.1

6.3

EPSS

0.0%

CVE-2026-3725

EPSS 0% CVSS 6.3

MEDIUM This Month

SmartAdmin versions up to 3.29 contain a template injection vulnerability in the FreeMarker template handler that allows authenticated remote attackers to manipulate template content and achieve code execution. The flaw exists in the MailService component's freemarkerResolverContent function and has a public exploit available. Since no patch is available and the vendor has not responded, organizations using affected versions should immediately assess exposure and consider alternative solutions.

Java Information Disclosure Smartadmin

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy