P1N93R

**Name of the Vulnerable Software and Affected Versions** Thymeleaf versions 3.1.1.RELEASE and earlier spring-boot-admin versions 3.1.1 and earlier **Description** The issue allows for a sandbox bypass via crafted HTML, which may be relevant for Server Side Template Injection (SSTI) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI. **Recommendations** For Thymeleaf versions 3.1.1.RELEASE and earlier, update to version 3.1.2.RELEASE or later, which has added countermeasures for this sort of bypass. For spring-boot-admin versions 3.1.1 and earlier, update to version 3.1.2 or later, which contains mitigations for the issue. As a temporary workaround, consider disabling the MailNotifier feature in spring-boot-admin until a patch is available. Restrict access to environment variables via the UI to minimize the risk of exploitation.