https://bugzilla.redhat.com/show_bug.cgi?id=1937440
--- Doc Text *updated* by Eric Christensen <sparks(a)redhat.com> ---
A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute
arbitrary Java code or run arbitrary system commands with the same privileges as the
account running the Servlet container. The highest threat from this vulnerability is to
data confidentiality and integrity as well as system availability.
--
You are receiving this mail because:
You are on the CC list for the bug.