CVE-2021-43097
Published
CVSS v3
7.2
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
A Server-side Template Injection (SSTI) vulnerability exists in bbs 5.3 in TemplateManageAction.javawhich could let a malicoius user execute arbitrary code.
巡云轻论坛是一款基于 JDK21 + Spring Boot 4.x 构建的现代社区系统,采用前后端分离架构,自适应移动端与 PC 端。系统集成论坛与问答模块。针对高频访问数据表引入分表存储策略,有效解决单表性能瓶颈。论坛全面适配国产信创达梦数据库及 MySQL,是追求极致性能与合规性的现代社区首选方案。 演示站:https://bbs3.diyhi.com
GitHub