Bugzilla 1937440: CVE-2020-13936 velocity: arbitrary code execution when attacker is able to modify templates
(CWE-77|CWE-94): Improper Neutralization of Special Elements used in a Command ('Command Injection') or Improper Control of Generation of Code ('Code Injection')
FAQ: Frequently asked questions about CVE-2020-13936