FreeMarker Template Name Information Disclosure Vulnerability

FreeMarker Template Name Information Disclosure Vulnerability

FreeMarker is prone to an information-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input.

Successfully exploiting this issue will allow an attacker to load arbitrary template files from the local system. Information harvested may aid in launching further attacks.

FreeMarker versions prior to 2.3.17 are affected.