Fmyyy

**Name of the Vulnerable Software and Affected Versions** com.bstek.uflo:uflo-core (affected versions not specified) **Description** The issue concerns improper user input validation in the ExpressionContextImpl class, specifically via the `jexl.createExpression(expression).evaluate(context)` functionality, leading to Remote Code Execution (RCE). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.