CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz By inserting malicious content in a message’s “Subject” field, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and obtain RCE (Remote Code Execution) Note: Although this vulnerability requires a