Description
Before Beetl v3.15.12, the rendering template has a server-side template injection (SSTI) vulnerability. When the incoming template is controllable, it will be filtered by the DefaultNativeSecurityManager blacklist. Because blacklist filtering is not strict, the blacklist can be bypassed, leading to arbitrary code execution.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Vendor Advisory
https://gitee.com/xiandafu/beetl/issues/I8RU01
Scores
CVSS v3
9.8
EPSS
0.0077
EPSS Percentile
74.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-94
Status
published
Products (2)
com.ibeetl/beetl-core
0 - 3.15.13.RELEASEMaven
xiandafu/beetl
3.15.12
Published
Feb 02, 2024
Tracked Since
Feb 18, 2026