CVE-2021-43466

CVE-2021-43466

EPSS 3.9%

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html https://security.netapp.com/advisory/ntap-20221014-0001/https://vuldb.com/?id.186365