CVE-2023-38286

Source
https://cve.org/CVERecord?id=CVE-2023-38286
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38286.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-38286
Aliases
Published
2023-07-14T00:00:00Z
Modified
2026-07-08T07:34:28.746316793Z
Summary
[none]
Details

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "fixed": "3.1.1.RELEASE"
                },
                {
                    "fixed": "3.1.1"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/38xxx/CVE-2023-38286.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/codecentric/spring-boot-admin

Affected ranges

Type
GIT
Repo
https://github.com/codecentric/spring-boot-admin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:codecentric:spring_boot_admin:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.0"
        }
    ]
}

Affected versions

1.*
1.0.3
1.0.4
1.1.0
1.1.1
1.1.2
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.3.0
1.3.1
1.3.2
1.3.3
1.4.0
1.4.1
1.4.2
1.4.3
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
2.*
2.0.0
2.0.1
2.0.2
2.1.0
2.1.1
2.1.2
2.1.3
2.2.0
2.2.1
2.2.2
2.2.3
2.3.0
2.3.1
2.4.0
2.4.1
2.4.2
2.4.3
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4
2.5.5
2.6.0
2.6.1
2.6.2
2.6.3
2.6.5
2.6.6
2.6.7
2.7.0
2.7.1
2.7.10
2.7.2
2.7.3
2.7.4
2.7.5
2.7.6
2.7.7
2.7.8
2.7.9
3.*
3.0.0
3.0.0-M9
3.0.1
3.0.2
3.0.3
3.0.4
3.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38286.json"

Git / github.com/thymeleaf/thymeleaf

Affected ranges

Type
GIT
Repo
https://github.com/thymeleaf/thymeleaf
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:thymeleaf:thymeleaf:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.1"
        }
    ]
}

Affected versions

thymeleaf-2.*
thymeleaf-2.0.0
thymeleaf-2.0.0-beta1
thymeleaf-2.0.0-beta2
thymeleaf-2.0.1
thymeleaf-2.0.10
thymeleaf-2.0.11
thymeleaf-2.0.12
thymeleaf-2.0.13
thymeleaf-2.0.14
thymeleaf-2.0.15
thymeleaf-2.0.16
thymeleaf-2.0.2
thymeleaf-2.0.3
thymeleaf-2.0.4
thymeleaf-2.0.5
thymeleaf-2.0.6
thymeleaf-2.0.7
thymeleaf-2.0.8
thymeleaf-2.0.9
thymeleaf-2.1.0-beta1
thymeleaf-2.1.0-beta2
thymeleaf-2.1.0-m1
thymeleaf-2.1.0-m2
thymeleaf-2.1.0-m3
thymeleaf-2.1.0.RELEASE
thymeleaf-2.1.1.RELEASE
thymeleaf-2.1.2.RELEASE
thymeleaf-2.1.3.RELEASE
thymeleaf-3.*
thymeleaf-3.0.0.ALPHA01
thymeleaf-3.0.0.ALPHA02
thymeleaf-3.0.0.ALPHA03
thymeleaf-3.0.0.BETA01
thymeleaf-3.0.0.BETA02
thymeleaf-3.0.0.BETA03
thymeleaf-3.0.0.RELEASE
thymeleaf-3.0.1.RELEASE
thymeleaf-3.0.10.RELEASE
thymeleaf-3.0.11.RELEASE
thymeleaf-3.0.12.RELEASE
thymeleaf-3.0.13.RELEASE
thymeleaf-3.0.14.RELEASE
thymeleaf-3.0.2.RELEASE
thymeleaf-3.0.3.RELEASE
thymeleaf-3.0.4.RELEASE
thymeleaf-3.0.5.RELEASE
thymeleaf-3.0.6.RELEASE
thymeleaf-3.0.7.RELEASE
thymeleaf-3.0.8.RELEASE
thymeleaf-3.0.9.RELEASE
thymeleaf-3.1.0.M1
thymeleaf-3.1.0.M2
thymeleaf-3.1.0.M2-dev01
thymeleaf-3.1.0.M3
thymeleaf-3.1.0.RC1
thymeleaf-3.1.0.RC2
thymeleaf-3.1.0.RELEASE
thymeleaf-3.1.1.RELEASE

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38286.json"