Vulnerability Database

Published: Jan 3, 2019
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-18893" target="_blank" rel="noopener"> CVE-2018-18893
GHSA: <a href="https://github.com/advisories/GHSA-45r8-3495-x6rm" target="_blank" rel="noopener"> GHSA-45r8-3495-x6rm
Severity: Medium
Exploit:

296,702

Total vulnerabilities in the database

Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.

CVSS v3:

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
hubspot / jinjava	-	2.4.6
com.hubspot.jinjava / jinjava	-	2.4.6

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.