Vulnerabilities > Hubspot > Jinjava
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-19 | CVE-2020-12668 | Incorrect Authorization vulnerability in Hubspot Jinjava Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. | 6.5 |
| 2019-01-03 | CVE-2018-18893 | Unspecified vulnerability in Hubspot Jinjava Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. | 5.3 |