Vulnerability Details CVE-2021-43466
In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.051
EPSS Ranking 89.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.8
References
- https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
- https://security.netapp.com/advisory/ntap-20221014-0001/
- https://vuldb.com/?id.186365
- https://gitee.com/wayne_wwang/wayne_wwang/blob/master/2021/10/31/ruoyi+thymeleaf-rce/index.html
- https://security.netapp.com/advisory/ntap-20221014-0001/
- https://vuldb.com/?id.186365