The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25967
Reference (s):
- https://www.cnpanda.net/codeaudit/777.html