Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2023-38286 Vulnerability in maven package de.codecentric:spring-boot-admin-server

Description

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.

Remediation

References

https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI

Related Vulnerabilities

CVE-2018-14732 Vulnerability in maven package org.webjars.npm:webpack-dev-server

CVE-2022-38900 Vulnerability in npm package decode-uri-component

CVE-2017-16209 Vulnerability in npm package enserver

CVE-2013-1808 Vulnerability in npm package zeroclipboard

CVE-2019-16869 Vulnerability in maven package io.netty:netty

Severity

High

Classification

CWE-77 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit