Thymeleaf: Thymeleaf RESTRICTED Mode Bypass — Server-Side Template Injection (SSTI)
CWE-94
Improper Control of Generation of Code
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Per GHSA-r4v4-5mwr-2fwr: “A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potentially sensitive objects to be reached from within a template. If an application developer passes unvalidated user input directly to the template engine, an unauthenticated remote attacker can bypass the library’s protections to achieve Server-Side Template Injection (SSTI).”
Affected Packages / Versions
- Package: thymeleaf (Maven)
- Latest published version at triage time: 3.1.3.RELEASE
- Affected range: Per GHSA-r4v4-5mwr-2fwr: <= 3.1.3.RELEASE on org.thymeleaf:thymeleaf, thymeleaf-spring5, and thymeleaf-spring6
- Patched version: Per GHSA-r4v4-5mwr-2fwr: a release after 3.1.3.RELEASE (the vendor's GHSA references the fix; confirm the specific version against thymeleaf/thymeleaf release notes)
Impact
Per GHSA: SSTI yielding remote code execution when user input flows into the template engine. The GHSA does not enumerate specific downstream consequences.
Severity Rationale
GHSA severity: CRITICAL. NVD CVSS 9.0 (Critical): network attack vector, high attack complexity (an injection sink in the application is required), no privileges required, no user interaction, changed scope, high confidentiality, integrity and availability impact.
Fix
Per GHSA: upgrade past 3.1.3.RELEASE on org.thymeleaf:thymeleaf, thymeleaf-spring5, and thymeleaf-spring6. Confirm the specific patched version against the vendor’s release notes before publication.
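The precondition the GHSA names (unvalidated user input passed directly to the template engine) is the application-side sink that the upgrade does not remove. The following is an added Java example, not code from the advisory or the Thymeleaf project, showing that sink beside the pattern that keeps user input as data; it assumes Thymeleaf 3.x with a StringTemplateResolver, and the class and method names are made up for the illustration.

```java
// Added example, not from the advisory or the Thymeleaf project.
// Assumes Thymeleaf 3.x on the classpath.
import org.thymeleaf.TemplateEngine;
import org.thymeleaf.context.Context;
import org.thymeleaf.templatemode.TemplateMode;
import org.thymeleaf.templateresolver.StringTemplateResolver;

public class TemplateSinkDemo {
    private static TemplateEngine engine() {
        StringTemplateResolver resolver = new StringTemplateResolver();
        resolver.setTemplateMode(TemplateMode.HTML);
        TemplateEngine engine = new TemplateEngine();
        engine.setTemplateResolver(resolver);
        return engine;
    }

    // VULNERABLE: the request value is concatenated into the template source,
    // so anything it contains is parsed and evaluated as a Thymeleaf expression.
    // The RESTRICTED-mode checks the GHSA says can be bypassed sit behind this sink.
    static String renderUnsafe(String userInput) {
        String template = "<p>Hello, " + userInput + "</p>";
        return engine().process(template, new Context());
    }

    // HARDENED: the template is a constant; the request value travels as a
    // context variable and th:text renders it as escaped text, never as code.
    static String renderSafe(String userInput) {
        Context ctx = new Context();
        ctx.setVariable("name", userInput);
        String template = "<p th:text=\"'Hello, ' + ${name}\">placeholder</p>";
        return engine().process(template, ctx);
    }

    public static void main(String[] args) {
        // Constructed probe: an inline expression that is only evaluated if the
        // input reaches the template parser. Useful as a regression check that
        // no code path still builds template source from request data.
        String probe = "[[${7 * 7}]]";
        System.out.println(renderUnsafe(probe)); // expression is evaluated
        System.out.println(renderSafe(probe));   // rendered as literal text
    }
}
```

A grep for `engine.process(` whose first argument is not a constant template name, or for `StringTemplateResolver` in request-handling code, is a quick way to locate this sink during triage.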
Disclosure timeline
- Feb 16, 2026: Reported to vendor (per Praetorian cve-research listing)
- Apr 15, 2026: GHSA-r4v4-5mwr-2fwr published
- TBD: Public disclosure (Praetorian blog)
Fix Commit(s)
References
Discovered by Thomas Reburn · Published April 29, 2026