CVE-2021-43466

CVE-2021-43466

EPSS 3.9%

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html https://security.netapp.com/advisory/ntap-20221014-0001/https://vuldb.com/?id.186365