CVE-2015-0249
The CVE-2015-0249 entry concerns Apache Roller versions 5.1 through 5.1.1. The vulnerability arises in the weblog page template, where remote authenticated users with weblog admin privileges can execute arbitrary Java code via a crafted Velocity Template Language (VTL). Root cause is the unsafe h...