Improper Input Validation

com.ibeetl:beetl-spring-classic is vulnerable to Improper Input Validation. The vulnerability is due to improper neutralization of special elements in expression language statements within the SpELFunction component, which allows an attacker to inject and execute malicious expressions remotely...

com.ibeetl:beetl-online-web (=3.15.3.RELEASE), com.ibeetl:beetl-spring-boot-starter-classic (>=3.14.1.RELEASE <=3.20.2.RELEASE) potentially affected by CVE-2026-8759 via com.ibeetl:beetl-spring-classic (>=3.14.1.RELEASE <=3.20.2.RELEASE)

com.ibeetl:beetl-spring-classic MAVEN version =3.14.1.RELEASE, =3.14.1.RELEASE, =3.20.2.RELEASE Source cves: CVE-2026-8759 Source advisory: OSV:GHSA-FMMW-44RP-JCFP...

GHSA-FMMW-44RP-JCFP Beetl's SpELFunction extension function has an expression injection risk

A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an unknown function of the file beetl-classic-integration/beetl-spring-classic/src/main/java/org/beetl/ext/spring/SpELFunction.java of the component SpELFunction. The manipulation leads to improper neutralization of specia...

CVE-2026-8759

Technical details are not publicly available in the provided documents; no affected versions, vectors, or fixes are specified beyond the description. Monitor for updates.