CVE-2021-42651

A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt