CVE-2021-43466

Improper Control of Generation of Code ('Code Injection') in maven/org.thymeleaf/thymeleaf-spring5

Identifiers

CVE-2021-43466

Package Slug

maven/org.thymeleaf/thymeleaf-spring5

Vulnerability

Improper Control of Generation of Code ('Code Injection')

Description

In the thymeleaf-spring component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.

Affected Versions

Version 3.0.12

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-11-19

source