Vulnerability	Vulnerable Version
H Improper Input Validation Affected versions of this package are vulnerable to Improper Input Validation due to an issue in the render function which allows attackers to execute server-side template injection (SSTI) via a crafted payload. How to fix Improper Input Validation? Upgrade `com.ibeetl:beetl-core` to version 3.16.0.RELEASE or higher.	[,3.16.0.RELEASE)
C Improper Neutralization of Special Elements Used in a Template Engine Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine due to insufficient filtering in the `DefaultNativeSecurityManager` blacklist. An attacker can execute arbitrary code by crafting a malicious template that bypasses the blacklist. How to fix Improper Neutralization of Special Elements Used in a Template Engine? Upgrade `com.ibeetl:beetl-core` to version 3.15.13.RELEASE or higher.	[,3.15.13.RELEASE)

Improper Input Validation

Affected versions of this package are vulnerable to Improper Input Validation due to an issue in the render function which allows attackers to execute server-side template injection (SSTI) via a crafted payload.

How to fix Improper Input Validation?

Upgrade com.ibeetl:beetl-core to version 3.16.0.RELEASE or higher.

[,3.16.0.RELEASE)

Improper Neutralization of Special Elements Used in a Template Engine

Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine due to insufficient filtering in the DefaultNativeSecurityManager blacklist. An attacker can execute arbitrary code by crafting a malicious template that bypasses the blacklist.

How to fix Improper Neutralization of Special Elements Used in a Template Engine?

Upgrade com.ibeetl:beetl-core to version 3.15.13.RELEASE or higher.

[,3.15.13.RELEASE)

Go back to all versions of this package