CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack By inserting malicious content in the Notification FTL files, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and obtain RCE (Remote Code Execution) Note: This issue exists because of an incomplete fix for C