/alerttags/cve-2022-42889/ Recent content in CVE-2022-42889 on ZAP Hugo en-us /docs/alerts/40047/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/alerts/40047/ <p>Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults.Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded.The application has been shown to initial contact with remote servers via variable interpolation and may well be vulnerable to Remote Code Execution (RCE).</p>