Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-38286

Published: 14/07/2023 Updated: 27/07/2023
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 0
Subscribe to Thymeleaf

Vulnerability Summary

Thymeleaf up to and including 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) up to and including 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.

Vulnerable Product Search on Vulmon Subscribe to Product

thymeleaf thymeleaf

codecentric spring boot admin

Github Repositories

https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI

SpringBootAdmin-thymeleaf-SSTI which can cause RCE

CVE-2023-38286 nvdnistgov/vuln/detail/CVE-2023-38286 Additional Vulnerability Description The sandbox bypass mentioned here refers to bypassing certain blacklists of Thymeleaf, rather than leveraging the context for reflection-based escapes or similar techniques Impact All users who run Spring Boot Admin Server, having enabled MailNotifier and write access to environ

References

CWE-77https://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTIhttps://nvd.nist.govhttps://github.com/p1n93r/SpringBootAdmin-thymeleaf-SSTI
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook