PT-2023-26346 · Unknown+1 · Spring-Boot-Admin+1

P1N93R · Published 2023-07-14 · Updated 2023-07-27 · CVE-2023-38286

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Thymeleaf versions 3.1.1.RELEASE and earlier; spring-boot-admin versions 3.1.1 and earlier.

Description
The issue allows a sandbox bypass via crafted HTML. This is relevant for Server Side Template Injection (SSTI) and can lead to code execution in spring-boot-admin when the MailNotifier is enabled and an attacker has write access to environment variables through the UI.

Recommendations
For Thymeleaf versions 3.1.1.RELEASE and earlier, update to version 3.1.2.RELEASE or later, which adds countermeasures against this sort of bypass. For spring-boot-admin versions 3.1.1 and earlier, update to version 3.1.2 or later, which contains mitigations for the issue. As a temporary workaround, disable the MailNotifier feature in spring-boot-admin until the update can be applied, and restrict write access to environment variables via the UI to minimize the risk of exploitation.
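The exposure described above requires three conditions at once: an unfixed Thymeleaf or spring-boot-admin version, the MailNotifier enabled, and write access to environment variables through the UI. The following audit helper is an added example (not code from the advisory or from the projects) that checks a deployment's properties and dependency versions for that combination; the property names `spring.boot.admin.notify.mail.enabled` and `management.endpoint.env.post.enabled` are assumptions taken from the Spring Boot Admin and Spring Cloud documentation and should be confirmed against the deployed versions.

```python
import re

# Property names are assumptions taken from Spring Boot Admin and Spring Cloud
# documentation; confirm them against the versions actually deployed.
MAIL_NOTIFIER_KEY = "spring.boot.admin.notify.mail.enabled"
ENV_POST_KEY = "management.endpoint.env.post.enabled"
# First fixed versions, as stated in the advisory's recommendations.
FIXED = {"thymeleaf": (3, 1, 2), "spring-boot-admin": (3, 1, 2)}


def parse_version(text):
    """'3.1.1.RELEASE' -> (3, 1, 1); qualifiers such as RELEASE are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", text)[:3])


def parse_properties(text):
    """Minimal application.properties reader (key=value lines, '#' comments)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip().lower()
    return props


def audit(props, versions):
    """Flag the advisory's exposure: an unfixed version, MailNotifier on, and
    environment write access all present at once."""
    findings = []
    for name, fixed in FIXED.items():
        if name in versions and parse_version(versions[name]) < fixed:
            findings.append(f"{name} {versions[name]} is older than {'.'.join(map(str, fixed))}")
    outdated = bool(findings)
    # A missing key counts as enabled (conservative; SBA defaults it to true).
    mail_on = props.get(MAIL_NOTIFIER_KEY, "true") == "true"
    env_post = props.get(ENV_POST_KEY, "false") == "true"
    if mail_on:
        findings.append("MailNotifier enabled (advisory workaround: disable it)")
    if env_post:
        findings.append("environment write via the UI/actuator enabled (restrict it)")
    return {"findings": findings, "exposed": outdated and mail_on and env_post}


# Constructed sample configuration, not taken from any real deployment.
SAMPLE_PROPERTIES = """
spring.boot.admin.notify.mail.enabled=true
management.endpoint.env.post.enabled=true
"""
SAMPLE_VERSIONS = {"thymeleaf": "3.1.1.RELEASE", "spring-boot-admin": "3.1.1"}

if __name__ == "__main__":
    print(audit(parse_properties(SAMPLE_PROPERTIES), SAMPLE_VERSIONS))
```

Version findings are reported even when the workaround settings are in place, since the advisory's primary recommendation is the update itself.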

Exploit · Fix

Weakness Enumeration
Command Injection

Related Identifiers

CVE-2023-38286
GHSA-7GJ7-224W-VPR3

Affected Products

Thymeleaf
Spring-Boot-Admin