RCE vulnerability affecting v1beta3 templates in @backstage/plugin-scaffolder-backend
The templating library used by the scaffolder backend assumes that templates are trusted which is an undesired property of the scaffolder-backend. This has now been mitigated by sandboxing the template code execution. Impact A malicious actor with write access to a registered scaffolder template...