Maven package
com.ibeetl/beetl
pkg:maven/com.ibeetl/beetl
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-22490 | — | <= 2.0.0 | — | Jan 23, 2024 | Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the /index keyword parameter. | ||
| CVE-2024-22491 | — | <= 2.0.0 | — | Jan 16, 2024 | A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter. | ||
| CVE-2023-30331 | — | <= 3.15.0.RELEASE | — | May 4, 2023 | An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload. |
- CVE-2024-22490Jan 23, 2024affected <= 2.0.0
Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the /index keyword parameter.
- CVE-2024-22491Jan 16, 2024affected <= 2.0.0
A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter.
- CVE-2023-30331May 4, 2023affected <= 3.15.0.RELEASE
An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload.