Back to all
CVE

CVE-2021-43466

Template injection in thymeleaf-spring5

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.

Endor Patches

Patch Name
Vulnerabilities fixed
Lines of Code Changed
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream