Critical severityNVD Advisory· Published Jun 26, 2023· Updated Dec 5, 2024
CVE-2021-31635
CVE-2021-31635
Description
Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.jfinal:jfinalMaven | <= 4.9.08 | — |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-cgmm-c2m9-ff7rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-31635ghsaADVISORY
- gitee.com/jfinal/jfinal/issues/I3IXLEghsaWEB
- github.com/jfinal/jfinal/issues/187ghsaWEB
News mentions
0No linked articles in our index yet.