2 matches found
GHSA-7GJ7-224W-VPR3 Spring-boot-admin sandbox bypass via crafted HTML
Thymeleaf through 3.1.1.RELEASE as used in spring-boot-admin aka Spring Boot Admin through 3.1.1 allows for a sandbox bypass via crafted HTML. This may be relevant for SSTI Server Side Template Injection and code execution in spring-boot-admin if MailNotifier is enabled and there is write access ...
POP Peeper mail notifier buffer overflow
Buffer overflow UIDL server reply parsing...