CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
InfoWorld

Velocity Java engine picks up speed

Providing an alternative to JavaServer Pages (JSP) Web development and the PHP (Hypertext Preprocessor) scripting language, Apache’s Jakarta Velocity tools team is touting open source tools to ...