Vulnerabilities > Thymeleaf

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-14	CVE-2023-38286	Command Injection vulnerability in multiple products Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. network high complexity thymeleaf codecentric CWE-77	7.5
2021-11-09	CVE-2021-43466	Code Injection vulnerability in Thymeleaf 3.0.12 In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution. network low complexity thymeleaf CWE-94 critical	9.8

Vulnerabilities > Thymeleaf {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Thymeleaf"}]}